04-16-2013 04:58 AM - edited 03-10-2019 08:18 PM
Hi,
I am deploying ISE with WLC 7.4. I have two SSID(s) running in my network 1. Corporate & 2. Services. I have a domain setup lets say "AD.com" with 4 groups 1. Corporate, 2. Services, 3. Employees, 4. Contractors.
Here is an example of the scenario that I want:
AD.com Group : Corporate's User : 1. C_USER1
2. C_USER2
3. C_USER3
4. C_USER4
5. C_USER5
AD.com Group : Services's User : 1. S_USER1
2. S_USER2
3. S_USER3
4. S_USER4
5. S_USER5
Now what I want to do is have 802.1x authentication on my Corporate SSID that will check in AD.com, ONLY AND in ONLY corporate group for authentication. That is only C_USER1 to C_USER5 are allowed to connect to it. Users from any other AD group shouldnt be authenticated on this SSID.
The same for the services group & SSID.
Thanks.
Usama
04-16-2013 05:22 AM
Found the solution on Cisco's URL
http://www.cisco.com/image/gif/paws/115734/ise-policies-ssid-00.pdf
Thanks,
05-16-2013 07:04 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide