06-03-2016 07:27 AM - edited 03-10-2019 11:50 PM
Hello,
This is the scenario: three companies are part of a corporate, we want to authenticate this users by 802.1x, there have 3 Active Directory and 3 Cisco ISE.
Is not posible to join in a forest or "connect" Active Directoy.
This:
userA@companyA.com --> WLC Company B --> ISE Company B --> radius_connection --> ISE Company A --> AD@companyA.com
Is this possible?
THANK YOU!
Solved! Go to Solution.
06-04-2016 12:16 PM
Yes, it's called radius proxy. You can create seperate authentication rules, that match the domain name in your username, and send the request on to the proper ISE server.
In ISE it's the authentication policy, and the radius server sequence you need to work with
06-04-2016 12:16 PM
Yes, it's called radius proxy. You can create seperate authentication rules, that match the domain name in your username, and send the request on to the proper ISE server.
In ISE it's the authentication policy, and the radius server sequence you need to work with
06-06-2016 01:54 PM
Thank you, Jan.
I tried, it work well.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide