01-08-2012 03:38 AM - edited 03-10-2019 06:41 PM
My customer has a large deployment of MACs running OS-X. He wants to authenticate the clients through an ACS server (ACS 5.2.0.26) and Open LDAP by using the clients' MAC addresses and dynamically move them to a specific SSID, if connected to WLAN.
All clients are stored within LDAP with the MAC addresses.
Clients can be connected either via WLAN (WLC 5508) or wired via switches.
I'm able to authenticate the users but the clients themselves never get access to the network. I saw in several discussions that MACs are not able to do machine-authentication since they don't provide something like Host/ as Windows clients do.
My questions:
1. Has somebody had the same experience?
2. Has somebody been able to get this running?
3. Can anyone provide me a link or config example of ACS to
Scheme:
MAC (OS-X) ------- LWAPP ------- WLC 5508 (7.0.116.0) ------- ACS (5.0.2.26) ------- Open LDAP
Any hints or tips are very much appreciated.
Many thanks in advance and best regards
Roman
01-09-2012 10:12 AM
Hello,
You can get Macintosh machine authentication working with ACS but it is a little bit tricky. You can refer to:
https://supportforums.cisco.com/docs/DOC-15477
Also, if needed Apple Support should be involved if assistance is needed configuring the client side.
Hope this helps.
Regards.
01-09-2012 11:10 PM
Hello Carlos,
Many thanks for your post. If I understood the referred doc right, they use EAP-TLS with certificates for machine authentication, but my customer only wants to check the clients against their MAC addresses, which are stored in the Open LDAP directory.
I really appreciate any further hints or tips.
Regards