Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

How to authenticate a Non domain member laptop with AAA

Dear all,

I do have problem in resolving issue for AAA, the scenario is like if a user connect his laptop with a cisco Switch, and the computer is not a member of domain, we do like to allow internet and get an ip from DHCP server only to those users who;s computers are member of active directory. do let me know how is it possible? support will be appreciated.

Regards

Ibrahim

1 REPLY
New Member

Re: How to authenticate a Non domain member laptop with AAA

Hi Ibrahim,

Do you use CiscoSecure ACS?

If so, this is possible, using AAA/dot1X on the switch and configuring ACS to authenticate against Active Directory.

There are lots of configuration examples available here:

http://www.cisco.com/en/US/products/sw/secursw/ps2086/prod_configuration_examples_list.html

Specifically the wired dot1x; nac: ldap integration with acs; cisco secure acs for windows with eap-tls machine authentication.

Although some of these are for wireless, I can't see why the principle can not be applied to wired.

Also there are posts on the learning network:

https://learningnetwork.cisco.com/thread/2221

https://learningnetwork.cisco.com/thread/12897

Regards, Ash.

202
Views
0
Helpful
1
Replies
CreatePlease login to create content