Cisco Support Community

New Member

ACS 4.1 for a domain

Hello all,

I've an ACS 4.1 Solution Engine. I would like to implement 802.1x on my 26 switches, which connect to a 6500 core. So in this scenario, where should I place the ACS 4.1 box?

And on the edge switches, what all do I have to do: enable 802.1x and enable AAA? So I need to use TACACS or RADIUS?

I have an Active Directory. I have around 1000 users, so is it possible to use the domain user/password to integrate with the ACS, so that there is no need to create anything in ACS 4.1?

So which protocol do I need to enable in my Active Directory 2003?

On the edge switches I need to enable AAA and point it to the ACS 4.1 IP address.

Please guide me regarding the above; I'll rate all the informative posts.



Cisco Employee

Re: ACS 4.1 for a domain

This should help get you started:


Let us know if you need more,

New Member

Re: ACS 4.1 for a domain

Hello jafrazie

Thanks for the info. If you can give some input on how exactly things should be configured, and if you can share your experience, that will be great.

New Member

Re: ACS 4.1 for a domain


I think because Cisco switches (wired) only support EAP-MD5, you CAN NOT authenticate via an external database on ACS to the Windows DB or AD 2003 DB. You must create the DB for authentication on the ACS (internal DB).

One solution could be to introduce NAC (NAC L2 802.1x).

1. EAP Authentication Protocol and User Database Compatibility

2. NAC Introduction


