WLAN 802.1x Auth with LDAP / Microsoft NPS - Cisco Wireless LAN Controller

CiscoWiFiGuy
Level 1

Hello Experts,

I need your help in executing one task for our client, who has a requirement for 802.1x auth. They have an AD server and they want their employees to connect to Wi-Fi via 802.1x.

As per my understanding, AD can't be directly integrated with the WLC; however, we can use LDAP as a server and integrate LDAP with the WLC.

While doing the LDAP configs and configuring a local EAP profile in the WLC, and trying to use Cisco PEAP on the client end (by changing the client-end Wi-Fi adapter configs), it seems difficult, as the client is not ready to change anything on the client adapter.

The client has a CA server, so I need your help in achieving this task: if I am using Microsoft NPS, could this task be done without any changes on the client end? Or if you have any other suggestion, then please share. I would appreciate it if you can share some links which can help me do it in a better way.

Need your help, please.


Thanks,

@Scott Fella @Leo Laohoo @Rasika Nayanajith

@Sandeep Choudhary

 

Accepted Solutions

Scott Fella
Hall of Fame
If you have AD, Microsoft CA and NPS, you can implement 802.1x without any additional software on the client end. There are a lot of guides on how to implement NPS and the WLC using 802.1x; just search for “Cisco WLC with Microsoft NPS using 802.1x”.
If AD and the CA servers are in place, then all domain-joined devices should have a certificate if the client has already configured that piece. Once you get your testing done, you can create a GPO to push out the wireless profiles to the domain-joined machines. If you have Intune or any MDM solution, you can also use that to push wireless profiles to non-domain-joined devices.
-Scott
*** Please rate helpful posts ***

Thanks Scott,

I have got documentation based on your inputs/suggestions. I will perform the required changes and will let you know if there are any issues.

Cheers!
