Simple deplyoment

mickyq · ‎09-08-2016

Using WLC with ISE and AD I want to authenticate devices based on AD Domain Computers and authorise users based on a user AD group.

Can anyone point me in the direction of a document that will help with configuration.

Thanks

Sandeep Choudhary · ‎09-08-2016

Hi,

Then you need to implement 802.1x with PEAP:

Here are the basic guides:

http://pandaeatsbamboo.blogspot.de/2015/01/ise-13-vwlc-76-basic-8021x.html

http://www.labminutes.com/sec0186_ise_13_wireless_dot1x_eap-tls_peap_1

http://www.labminutes.com/sec0186_ise_13_wireless_dot1x_eap-tls_peap_2

Regards

Dont forget to rate helpful posts

mickyq · ‎09-08-2016

Thanks for the reply Sandeep.

the first link is for configuring byod with a local DB, the other two are using certificates.

I need to use AD for the authentication and authorisasion.

Thanks

Sandeep Choudhary · ‎09-08-2016

Above link will solve your problem.

1. Create SSID and assign your RADIUS server to SSID with AAA override function enabled

2. Join AD to ISE

3, Create Authentication and Authorization policy then you need to select a protocol by which you will authenticate client (simple is to use PEAP that required certificate only on ISE)

Regard

Dont forget to rate helpful posts

mickyq · ‎09-08-2016

ok, thanks Sandeep. I will give it a try.