Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1138
Views
0
Helpful
1
Replies

Access Point AAA authentication using ISE

martaylor
Level 1
Level 1

‎07-08-2016 02:13 AM - edited ‎07-05-2021 05:23 AM

Hi

On a WLAN network for one of our customers we only allow APs to connect if they authorise against a AAA radius server using the mac address of the AP ethernet interface as the username and password. Currently we do this using an ACS as the AAA radius server.

We have a company wide password policy that wont change, that states all passwords need to be alpha numeric

Some new APs have been delivered and installed have the mac address that is numeric only

We also have an ISE for WLAN user authentication & authorisation.

Has anyone set up the ISE to act as the AAA radius server for AP authorisation and if so do you have any examples of the config used on the ISE

Could you also let me know what ISE licenses are needed to allow an AP to authenticate against an ISE.

Thanks

Martyn

Labels:
0 Helpful
1 Reply 1

Prakash Parvathala
Level 4
Level 4

‎07-25-2016 05:56 AM

HI

Enable RADIUS Change of Authorization (CoA) ... Enables ISE to act as a AAA server when interacting with the client at IP address 10.0.56.17. RADIUS Servers Configuration. Configure the switch to interoperate with Cisco ISE acting as the RADIUS source server.

Check the below threads for configuration examples.

http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_sw_cnfg.html

https://supportforums.cisco.com/discussion/11665651/cisco-ise-external-radius-server

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card