08-31-2015 01:26 AM - edited 07-05-2021 03:51 AM
Am setting up the virtual Wireless LAN Controller. Have WPA2/PSK working fine. Am also trying to do a pretty vanilla user authentication against Active Directory via LDAP.
Should I be able to do LDAP user authentication just using the vWLC and AD servers?
In the past I've used ACS, but don't have it available here (or ISE).
Using software 8.1.111.0 and 2602 APs.
Thanks.
08-31-2015 01:46 AM
08-31-2015 03:12 AM
Thanks.
So it seems web authentication is the only mechanism that can use LDAP. Hence, LDAP not available with 802.1x WPA2 just using WLC?
From doc:
Note: Web authentication is not supported with 802.1x authentication. This means you cannot choose 802.1x or a WPA/WPA2 with 802.1x as the Layer 2 security when you use web authentication. Web authentication is supported with all other Layer 2 security parameters
08-31-2015 11:34 PM
Got WPA2 / Web-auth with splash page working with LDAP authentication to back end AD server.
11-12-2015 07:00 PM
Hi Pkemp,
Did you get a way to configure WPA and AD/LDAP authentication without ACS?
Thanks,
Thuc
11-12-2015 07:11 PM
Hi Thuc. No. I tried, but could only get Web-auth working with LDAP, which we are now using.
11-12-2015 07:15 PM
Thanks for your reply. So, I found out about Local EAP Authentication on WLC without ACS. Did you try this one?
http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/100590-ldap-eapfast-config.html
Thuc
11-12-2015 07:36 PM
No. We wanted support for EAP-TTLS, which Local EAP apparently doesn't support.
11-12-2015 07:42 PM
Thank you for the advice.
Thuc
08-31-2015 10:41 AM
For proper step-by-step configuration, check below.
http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_0110001.html