Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1172
Views
0
Helpful
2
Replies

ISE Authentcation via Active Directory based on SSID and AD Group

Usama Waheed Khan
Level 1
Level 1

‎04-16-2013 04:58 AM - edited ‎03-10-2019 08:18 PM

Hi,

I am deploying ISE with WLC 7.4. I have two SSID(s) running in my network 1. Corporate & 2. Services. I have a domain setup lets say "AD.com" with 4 groups 1. Corporate, 2. Services, 3. Employees, 4. Contractors.

Here is an example of the scenario that I want:

AD.com Group : Corporate's User : 1. C_USER1

                                                    2. C_USER2

                                                    3. C_USER3

                                                    4. C_USER4

                                                    5. C_USER5

AD.com Group : Services's User :   1. S_USER1

                                                    2. S_USER2

                                                    3. S_USER3

                                                    4. S_USER4

                                                    5. S_USER5

Now what I want to do is have 802.1x authentication on my Corporate SSID that will check in AD.com, ONLY AND in ONLY corporate group for authentication. That is only C_USER1 to C_USER5 are allowed to connect to it. Users from any other AD group shouldnt be authenticated on this SSID.

The same for the services group & SSID.

Thanks.

Usama

Labels:
0 Helpful
2 Replies 2

Usama Waheed Khan
Level 1
Level 1

‎04-16-2013 05:22 AM

Found the solution on Cisco's URL

http://www.cisco.com/image/gif/paws/115734/ise-policies-ssid-00.pdf

Thanks,

0 Helpful
Customers Also Viewed These Support Documents