Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
555
Views
0
Helpful
2
Replies

NAC - Allocating Vlans to host ports based upon AD group membership

dave.chadwick
Level 1
Level 1

‎01-06-2011 11:58 PM - edited ‎07-03-2021 07:38 PM

Does anyone know a link or where I can get information about the following:-

My customer requires the hostport on an access switch to be allocated to a specific Vlan based upon the AD Group that the user is a memeber of ?  I am planning to setup NAC in a Real Gateway OOB deployment, using an ACS 5.2.  I was initially thinking that the initial authentication server would be the ACS and then the AD, which using group mappings within the AD, I could then assign the user to a specific ACS group and then pass a Radius attribute back to the NAC manager for processing - the problem is I'm unsure if this is even possible ?  Any Help would be appriciated. Thanks.

Labels:
0 Helpful
2 Replies 2

Federico Ziliotto
Cisco Employee
Cisco Employee

‎01-07-2011 12:34 AM

Hello David,

Nice to hear back from you on CSC ;-)

What you are looking for may be the mapping rules for authentication servers:
http://www.cisco.com/en/US/docs/security/nac/appliance/configuration_guide/48/cam/m_auth.html#wp1158789

Hope this helps,

Fede

--
If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

0 Helpful

Vinay Sharma
Level 7
Level 7

‎06-03-2011 05:06 AM

Hi David,

Please mark this Question "As Answered" if you have received the correct info from Fede.

thanks,

Vinay

Thanks & Regards
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card