- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-19-2019 07:42 AM
Hi all!
I have multiple problems using 802.1x authentication in my environment. Wu currently use cisco wlc -> MS NPS -> Azure AD
We're looking for possibility to replace NPS with brand new Cisco ISE.
Is it possible to use Azure AD as external identity source for 802.1x?
Probably someone could provide guide how to configure such interaction.
Solved! Go to Solution.
- Labels:
-
Identity Services Engine (ISE)
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-19-2019 08:17 PM
or adding it as LDAP server. Both ways you can get the integration working
(there are limitation if you use it as LDAP). To join ISE to domain, you
need to configure ISE with domain DNS servers to resolve the domain to
azure AD.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2019 01:22 PM
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps
Our team has not officially tested this or more general AAD use cases for DOT1X auth. please reach out to http://cs.co/ise-feedback for public access to roadmap or internally via http://cs.co/ise-pm
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-19-2019 08:17 PM
or adding it as LDAP server. Both ways you can get the integration working
(there are limitation if you use it as LDAP). To join ISE to domain, you
need to configure ISE with domain DNS servers to resolve the domain to
azure AD.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2019 11:48 AM
Hi,
Can you share the "how to integrate ISE with Azure AD as LDAP" document. do we need an ISE interface which is Publicly reachable by Azure ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-01-2019 11:57 PM
Do we have any documentation on this topic, so how to integrate ISE with Azure AD for Cisco wireless authentication?

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2019 01:22 PM
https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps
Our team has not officially tested this or more general AAD use cases for DOT1X auth. please reach out to http://cs.co/ise-feedback for public access to roadmap or internally via http://cs.co/ise-pm
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-12-2019 04:24 PM
This advice is not correct. Azure AD is not Active Directory nor is it accessible via LDAP. I haven't run through the setup yet, but maybe you can try this - https://community.cisco.com/t5/security-documents/notes-on-azure-ad-as-saml-idp/ta-p/3644255
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-29-2019 09:56 AM
Hi!
Do you have document available where has been told that Azure ad works as authentication source?
If i try to add Azure AD LDAPS connection, ISE says that socket is closed? Why?
And with Clearpass i can connect to azure and use it for tacacs and admin authentication but not 802.1x authentication.
-Petri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-18-2019 06:42 AM
Hi!
So you have working environment with on premise WLC, NPS and Azure AD?
Could you give me guidance how you can manage to do that? On premise NPS can use azure as authentication source? We have that same setup and at this point is would be enought if we can autenticate against Azure AD.
How can i make connection from NPS to Azure AD?
-Petri
