Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
627
Views
0
Helpful
2
Replies

Configuration procedure of CISCO WLC 2504

pinjar84062
Level 1
Level 1

‎10-23-2016 08:45 AM - edited ‎07-05-2021 06:01 AM

We need your support to solve CISCO  Wi-Fi related problem  of one of our valuable customer.  As per requirement of our customer, certificate authentication (CA) will be done in WLC through active directory and this authentication process  will be completed by creating radius server. The main requirement of  our client is that their  users who are under  domain controller, need not to put any username/password to access internet. To get the internet , they just  have to click SSID. And this user name and password will be controlled by radius server of active directory. For this purpose we need to configure radius server in WLC. Is it possible if we configure radius server in  CISCO WLC 2504, our client will get their above mentioned requirement? If yes, then you are requested to send us the full documents or videos (any kind of link)of the detailed procedures through mail. But if CISCO WLC 2504 model does not support this requirement, please immediately  inform us which model we need to use to fulfill our clients requirement along with configuration procedure.

0 Helpful
2 Replies 2

Scott Fella
Hall of Fame
Hall of Fame

‎10-23-2016 10:07 AM

You need to understand authentication when it comes to wireless. You mentioned domain user and not logging in. You can do this with domain computers and using EAP-TLS, however the company needs to have a root CA server that is domain joined, a radius server that is also domain joined and you need to push a GPO to push the certificates to all domain computers along with the SSID. This is how it works for all the vendors, not just Cisco. 

If for example you don't push GPO and you want them to just click on an SSID, you have now created another step for a user. You can also use 802.1x that will use the users login but it's still best to push that out through GPO. 

You will not find a controller that has a built in radius that ties into AD.  You need to setup one.

-Scott

*** Please rate helpful posts ***

-Scott
*** Please rate helpful posts ***
0 Helpful

pinjar84062
Level 1
Level 1
In response to Scott Fella

‎10-30-2016 08:49 PM

Thanks for your reply. we provide below link for our client. www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/115988-nps-wlc-config-000.html But client reply us, "This documentation is for authenticating against ADDS. But our requirements is authentication against ADCS. So, we need a WLC which supports PEAP Enterprise." So i need your expert suggestion to solve this issue.
Preview file
6421 KB
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card