Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1135
Views
0
Helpful
2
Replies

WLC and 802.1X and ISE flow

Go to solution
Kn1ghtR1d3rOfD00m
Level 1
Level 1

‎04-22-2017 09:32 PM - edited ‎03-11-2019 12:39 AM

Hi Experts, 

I have a question, tried to seach for the correct answer and even read some material about it, but still I dont have like a full and crystal overview of how the 802.1X works

in a lot of examples of 802.1X and , they are referencing as the 802.1X as Port Based Authentication. They always put a Cisco Switch as the intermediare device between the client and the RADIUS Server, ok, thats fine, but 

I want to fully understand in a Wireless Environment with ISE as RADIUS, a WLC in the middle and several APs for connecting clients,

I want to know if the WLC is acting as the 802.1X switch in the middle or if it is the ISE?

In other words, Im quite confused cause I thought the 802.1X is configurable only in a physical switch wired connected to workstation, do you see what I'm saying?

I hear a lot of the IT guys in my work about ISE and 802.1X via wireless, but I still keep thinking that they are refering to the switch where the workstation is wired connected to the switch, but in the wireless?

Is it the WLC performing the role of 802.1X like the switch in the middle or is it the ISE server doing the 802.1X?

Im confused cause I used to think that 802.1X is when you go to the interface of the switch and put the commands and bla bla bla, but in a wireless infra, who is the 802.1X guy? 

Can someone please explain me?

Regards, 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-23-2017 12:11 AM

In a wireless 802.1x environment, the wireless LAN controller (WLC) is the authenticator (also known as Network Access Device or NAD by ISE).

We set the wireless 802.1x bits under the WLAN settings (mostly Security and Advanced tabs) on the WLC. That is roughly equivalent to the global and interface-specific settings we make on a switch  

The ISE server is the RADIUS server - it is never the NAD. 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-23-2017 12:11 AM

In a wireless 802.1x environment, the wireless LAN controller (WLC) is the authenticator (also known as Network Access Device or NAD by ISE).

We set the wireless 802.1x bits under the WLAN settings (mostly Security and Advanced tabs) on the WLC. That is roughly equivalent to the global and interface-specific settings we make on a switch  

The ISE server is the RADIUS server - it is never the NAD. 

0 Helpful

Go to solution
Kn1ghtR1d3rOfD00m
Level 1
Level 1
In response to Marvin Rhoads

‎04-23-2017 09:50 AM

nice, perfect, got it, all this start making sense Mr. Rhoads, 

such a nice explanation.

Regards, 

0 Helpful
Customers Also Viewed These Support Documents