Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1320
Views
0
Helpful
2
Replies

Cross Domain authentication via RADIUS

eighty3033
Level 1
Level 1

‎11-05-2004 06:51 AM - edited ‎07-04-2021 10:08 AM

Not sure anyone can answer this, but I have a question about authentication across different domains.

A laptop is a member of a work domain. At home, a domain is setup with a domain controller, Win2k RADIUS server, and an Aironet 1200 AP.

The laptop will need to authenticate to the home LAN via the RADIUS server, but it resides on another domain. The laptop while not docked at work logs into the work domain via cached credentials. Is it possible to login to the home LAN via wireless AP using the RADIUS server on the home domain?

Labels:
0 Helpful
2 Replies 2

umedryk
Level 5
Level 5

‎11-10-2004 01:14 PM

As far as I know, this cannot be done

0 Helpful

dixho
Level 6
Level 6

‎11-10-2004 04:50 PM

Yes, you should.

Unless you use PEAP MS-CHAP v2, Windows domain has nothing to do with Windows domain.

I assume that you use one of the 802.1x types and that you either enter a differnet user name when connecting to the home AP or configure the same username and password in the home radius server.

When you laptop at work tries to assoicate to the home AP, it sends out a user name. Depends on the exact 802.1x type, the home radius server somehow is authenticating the password either on the radius server on on the domain controller. 802.1x does not really understand Windows.

If you use PEAP MS-CHAP v2, it is quite different. You have to disable machine authenitcation.

Of course, the laptop at work cannot access the resource (say file server or print server) in your home domain.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card