dynamic vlan assignment with ISE and AD
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-26-2019 05:11 AM
Hi dear friend
we want to use authenticate WiFi users with Cisco ISE, Also we want to assign vlan to users after authentication by cisco ISE, as note, ISE server is integrated with Micorosft AD for authentication, when a user see credential pop-up, send its credential to ISE, ISE check it with AD and assign a group/vlan to this user
this procedure doesnt work accurately on ZD 1200.
if u can, help me please
regards
Reza
we want to use authenticate WiFi users with Cisco ISE, Also we want to assign vlan to users after authentication by cisco ISE, as note, ISE server is integrated with Micorosft AD for authentication, when a user see credential pop-up, send its credential to ISE, ISE check it with AD and assign a group/vlan to this user
this procedure doesnt work accurately on ZD 1200.
if u can, help me please
regards
Reza
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-26-2019 03:41 PM
Hi Reza, do you need the ISE to authenticate? Depending on what you are using the ISE for, you could authenticate to AD using the ZD1200 and change the VLAN based on attributes returned from AD,VLAN switching using this method works reliably and is quick to setup. Then if you need user details into ISE send RADIUS accounting info to the ISE.
Hope this is useful.
Robert
Hope this is useful.
Robert
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-27-2019 02:12 AM
Dear Robert
great reply
thank you
actually i dont need ISE basically
just i want to read different group from AD and assign VLANs to each group (user in group)
tell me this work with Dot1X?
would you help me how can i implement this on my network?
regards
Reza
great reply
thank you
actually i dont need ISE basically
just i want to read different group from AD and assign VLANs to each group (user in group)
tell me this work with Dot1X?
would you help me how can i implement this on my network?
regards
Reza
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-26-2019 10:13 PM
Hi,
If your looking for Vlan assignment based on AD authentication unsure why need ISE for this ?
We have done a AD authentication with MS Radius and Dynamic Vlan with Ruckus unleashed.
It works perfectly .
If your looking for Vlan assignment based on AD authentication unsure why need ISE for this ?
We have done a AD authentication with MS Radius and Dynamic Vlan with Ruckus unleashed.
It works perfectly .
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-27-2019 02:23 AM
Dear Friend
thanks for your reply
do u have any docs for implementing this?
i cant actually understand what should i do?
sending all Dot1X traffic to AD at first? or send other place?
and AD should work with NPS?
would you gimme more explain
regards
Reza
thanks for your reply
do u have any docs for implementing this?
i cant actually understand what should i do?
sending all Dot1X traffic to AD at first? or send other place?
and AD should work with NPS?
would you gimme more explain
regards
Reza
