Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

802.1x authentication switch and AD

Hello,

I want to know if Cisco has solved the problem (MD5) between ACS and Active Directory?? because I want to configure 802.1x in a switch and it will integrate with Active Directory (Data Base)

The Solution is:

Switch <--> ACS (Authentication)<--> AD (Data Base)

Also i want to know if exist any solution no NAC Appliance that can use 802.1x integrate with AD in switch infraestructure??

Best Regards

  • AAA Identity and NAC
5 REPLIES

Re: 802.1x authentication switch and AD

MD5 between ACS and AD ? If you want to use AD then you need to use MSCHAP since MD5 is not supported by AD.

Here is the compatibility chart,

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs32/user02/o.htm#wp623530

Regards,

~JG

Do rate helpful posts

Re: 802.1x authentication switch and AD

then ... this work?? if is yes, please could you send me a example??

Best regards

Gold

Re: 802.1x authentication switch and AD

NAC appliance does not use 802.1x. They are independent of each other. I've never personally configured both for the same site so I wouldn't know what to expect if you did.

New Member

Re: 802.1x authentication switch and AD

I have hit the same challenge, where I need to authenticate the users against AD and I don't want to use the local CiscoSecure Database in ACS. For hundreds of users, there is no way I'm going to manage a database in ACS for user access. I have to manage the users in AD. I opened a case with Cisco and MS-CHAP is not supported by Cisco ACS, as I was provided this URL link:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/3.3/user/guide/o.html#wpxref846

Additionally, I was directed to the URL: http://www.ciscotaccc.com/kaidara-advisor/security/showcase?case=K24308566

I'm so stuck...there has to be way to use IEEE 802.1x with an external database such as LDAP.

New Member

Re: 802.1x authentication switch and AD

from what I am reading, it looks like you would set up the ACS as the radius server to authenticate to Active Directory. In this instance you still manage the users with Active Directory.

thanks,

Alex Pfeil

352
Views
0
Helpful
5
Replies
This widget could not be displayed.