Port based authentication and dynamic VLANs

jbeining · ‎04-29-2004

Hello there.

I would like help for this setup: I have a 3550 switch, a ACS and a w2k with AD. Now, i would like to authenticate users against the AD an place them in the VLANs they belong to.

I have worked with this for a week now, but I just can't get it to work.

Would anyone be kind enough to send me an example of a switch config and maybe some guidelines how to configure til ACS server - screendumps would be welcome.

Thank you very much.

Best regards

Jan Beining

dhickey · ‎05-06-2004

I have done this before, and I know you mentioned the 3500 series switches, but here is a link to configuring 802.1x authenticaton on the 6000 series. It shows pictures of the ACS setup.

http://www.cisco.com/en/US/customer/products/hw/switches/ps700/products_tech_note09186a00801d11a4.shtml

There are also some links at the bottom of the page that might help you. I had this working one time with Microsoft IAS on 2000 Server (I was just playing around). However it was a while ago. I was using a 3550 so I know that it will work. I haven't played around with ACS enough yet, but I am assigning VLANS to our wireless users (currently with IAS and moving towards ACS).

Here is the 3550 802.1x link -

http://www.cisco.com/en/US/customer/products/hw/switches/ps646/products_configuration_guide_chapter09186a008011594a.html

Hope that helps some....

Don

vcangussu · ‎05-11-2004

I need use this system but in my network use SMS, remote manager, Microsoft.

How is it work, because the port needs authentication before the trafic passthrought ?