Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4210
Views
0
Helpful
3
Replies

Using external radius with ise for guest authentication

jan.nielsen
Level 7
Level 7

‎05-28-2013 01:59 AM - edited ‎03-10-2019 08:28 PM

Hi Everyone,

I am trying to migrate from NAC Guest Server to Cisco ISE Guest CWA on wireless, and can't figure out whether what i am trying is just unsupported or i just can't find out how to do this ?

I am attempting to authenticate my existing guest users, using a radius lookup towards my existing NAC Guest server, which has many hundred guest users with long account duration, which i really don't want to recreate on ISE, and send new passwords to all those users. Problem is i can't export the user list from NAC guest server with the password intact, and ISE can't import guest users with a set password.

Any ideas ?

Labels:
0 Helpful
3 Replies 3

Richard Atkin
Level 4
Level 4

‎06-01-2013 11:33 PM

Setup Proxy-RADIUS between the two?

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee

‎06-02-2013 12:30 PM

Hi Jan,

I understand what problem you're going through. There is a way to export users from the NAC Guest server; however it does not help us to import the users information with existing password. Richard suggested you the right thing to setup ISE as a RADIUS proxy server that will proxy the requests from a Network Access Device (NAD) to a RADIUS server  NAC Guest Server (NGS).

Defining an External RADIUS Server (Proxy service)

http://www.cisco.com/en/US/docs/security/ise/1.1.1/user_guide/ise_auth_pol.html#wp1127216

Jatin Katyal
- Do rate helpful posts -

~Jatin
0 Helpful

Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎06-24-2013 08:45 AM

Setting up ISE as radius  proxy server will work because NAC guest user does not support exporting user information with passwords

Step 1 Choose Administration > Network Resources > External RADIUS Servers.

The External RADIUS Servers page appears.

Step 2 Click Filter > Advanced Filter to perform your search. The Filter page appears.

Step 3 You must define whether the search should match any or all of the rules that you define on this page.

Step 4 Enter your search criteria based on the name or description of the RADIUS server, choose an operator, and enter the value.

Step 5 You can do the following:

•To add a filter condition, click the plus sign (+).

•To remove a filter condition, click the minus sign (-).

•To clear all filter conditions, click Clear Filter.

Step 6 Click Go to perform your search.

You can also save the filter criteria so that it can be used again. Click the Save icon to save the filter condition.

0 Helpful
Customers Also Viewed These Support Documents