Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3023
Views
0
Helpful
6
Replies

Google WiFi 802.1x Authentication with ISE

Go to solution
paul
Level 10
Level 10

‎04-09-2019 11:59 AM

Has anyone done Google account authentication with ISE for WiFI 802.1x access?  Not Google two factor, just using google account login (email) and password to connect to 802.1x WiFi.  Meraki has a Google connector built directly into their solution.  I have seen other solutions like JumpCloud that you can use to integrate.  I think I can set something up with FreeRADIUS as well.

 

Just checking if anyone has gone through this setup.  This is for a K12 where all the students have Google accounts and they want to allow some to connect to a special 802.1x SSID.

 

 

0 Helpful
1 Accepted Solution

Accepted Solutions
6 Replies 6

Go to solution
paul
Level 10
Level 10
In response to howon

‎04-09-2019 02:57 PM

This is a bit different as they want students to be able to use their Google credentials on their personal mobile devices to join an SSID. I have pivoted to using your SAML document to setup guest portal with Google SAML. Then I am going to do an AD group lookup in authorization phase as their Google and AD account have same principle name.
0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to paul

‎04-10-2019 08:49 AM

@howon @paul I would think ISE would need a way to communicate with it via some sort of proxy?

0 Helpful

Go to solution
paul
Level 10
Level 10
In response to Jason Kunst

‎04-10-2019 09:36 AM

That was the genesis of my original question.  I think to do Dot1x with Google account you need to have an external RADIUS server with hooks into Google to do this. Meraki has native integration, but outside of SAML ISE doesn't.

 

I am going to use a variation of this post:

 

https://community.cisco.com/t5/security-documents/google-suite-guest-sso-single-sign-on-with-ise-via-saml-for/ta-p/3643930

 

0 Helpful

Go to solution
paul
Level 10
Level 10
In response to paul

‎04-12-2019 08:03 AM

Just closing this out, I tested the Google SAML setup on a guest portal with the customer today using Google department value filtering and it worked perfectly.  Great document.

0 Helpful

Go to solution
giovanni.augusto
Level 1
Level 1
In response to paul

‎07-23-2019 07:27 AM

Hi,

 

I know this post is a little old but I would like to ask:

 

Are you able to retrieve groups information or any other information from Google by using Google authentication with ISE?

and with Meraki? have you been able to?

 

My assumption is that both Meraki and ISE provide only authentication result but no attributes when authentication is done against Google but I may be wrong.

0 Helpful
Customers Also Viewed These Support Documents