Is Windows 802.1X capable on WLC - AD?

JustTakeTheFirstStep · ‎01-08-2023

There are WLC - ISE - AD designs.
This is now a common design.

I will be removing ISE soon.
Is Windows capable of 1X authentication in WLC - AD?

Perhaps according to the guide you should use EAP-GTC .

And Windows doesn't seem to support EAP-GTC.
(Only supports EAP-MACHAPv2)

Clients in WLC - AD have no problems connecting to the wireless?

Scott Fella · ‎01-08-2023

LDAP connection was always supported. The use of a radius server allows for customization of policies and aaa override. For those that just want basic lookups and nothing else, then LDAP can be used with the supported protocols.
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/211277-WLC-with-LDAP-Authentication-Configurati.html#anc9

-Scott
*** Please rate helpful posts ***

JustTakeTheFirstStep · ‎01-15-2023

According to the guide, you should use Cisco:PEAP.

You need to install the Windows supplicant to use Cisco:PEAP.

I think it is very cumbersome.

Karsten Iwen · ‎01-15-2023

If you already have Cisco ISE and you are using this for your Wireless Authentication, the only change needed is likely your RADIUS server that you move from ISE to Windows NPS. Not a move that I would suggest, as I typically only move from NPS to ISE.

And there is no supplicant to install, it's build into Windows.

But I really would suggest to get a consultant to help you with that. There are countless things that can easily go wrong if not done properly.