Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new blog
634
Views
0
Helpful
1
Comments

Connect both EAP and PEAP configured Users on the same Switch via ISE

dhr.tech1
Spotlight
Spotlight
‎03-18-2024 12:16 PM

Lab Topology:

As you can see below, user David prefers to connect to LAN over EAP-TLS, but Simon prefers to connect over the LAN using PEAP.

dhrtech1_0-1710788934894.png

User David

 

Configured to use EAP-TLS based authentication. 

dhrtech1_1-1710788960510.png

User Simon

 

Configured to use PEAP Authentication 

dhrtech1_2-1710789012938.png

Authentication Setting

 

  • We need to integrate Active Directory with Cisco ISE, as shown below, for PEAP authentication.

dhrtech1_3-1710789047163.png

  • We also need to setup Certificate based Authentication for EAP-TLS Users

dhrtech1_4-1710789086707.png

  • The most important part to allow both EAP-TLS and PEAP to operate together is to perform below step.

dhrtech1_5-1710789121101.png

ISE Policy configuration

 

  1. Setup Authorisation profile, which will enable pushing Dynamic VLAN into the Cisco IOS switch for both EAP-TLS and PEAP Users.

dhrtech1_6-1710789170681.png

 

2. Authentication and Authorisation profiles

 

  • Create a new policy set.

dhrtech1_7-1710789224237.png

  • Create a single authentication policy for EAP-TLS and PEAP

dhrtech1_8-1710789260145.png

 

  • Create Authorisation Policy.

dhrtech1_9-1710789288889.png

 

Verification

dhrtech1_10-1710789320778.png

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

0 Helpful
1 Comment
Martin L
VIP
VIP
‎08-03-2024 05:40 AM
‎08-03-2024 05:40 AM

Thank You for sharing the insightful information!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Popular Articles
Customers Also Viewed These Support Documents