Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

MAC OS-X - Machine-Authentication via ACS 5.x

My customer has a large deployment of MACs running OS-X. He wants to authenticate the clients through an ACS server (ACS 5.2.0.26) and Open LDAP by using the clients MAC addresses and dynamically move them to a specific SSID, if connected to WLAN.

All clients are stored within LDAP with the MAC addresses.

Clients can be connected either via WLAN (WLC 5508) or wired via switches

I'm able to authenticate the users but the clients themself never get access to the network. I saw in several discussions that MACs are not able to do machine-authentication since they don't provide something like Host/ as Windows clients do.

My questions:

1. Has somebody made the same experiences ?

2. Has somebody been able to get this running ?

3. Can anyone provide me a link or config example of ACS to

Scheme:

MAC ------- LWAPP -------WLC 5508 -------------------- ACS------------------------Open LDAP

OS-X                            7.0.116.0                        5.0.2.26

Any hints or tipps are very much appreciated

Many thanks in advance and best regards

Roman     

2 REPLIES
Silver

MAC OS-X - Machine-Authentication via ACS 5.x

Hello,

You can get Macintosh machine authentication working with ACS but it is a little bit tricky. You can refer to:

https://supportforums.cisco.com/docs/DOC-15477

Also, if needed Apple Support should be involved if assistance is needed configuring the client side.

Hope this helps.

Regards.

Community Member

MAC OS-X - Machine-Authentication via ACS 5.x

Hello Carlos,

many thanks for your post. If I understood the referred doc right they use EAP-TLS with certificates for machine authentication but my customer only wants to check the clients against their MAC-adresses which are stored in Open LDAP directory.

I really appreciate any further hints or tipps.

Regards

1402
Views
0
Helpful
2
Replies
CreatePlease to create content