My customer has a large deployment of Macs running OS X. He wants to authenticate the clients through an ACS server (ACS 220.127.116.11) and Open LDAP by using the clients' MAC addresses and dynamically move them to a specific SSID if connected to WLAN.
All clients are stored within LDAP with the MAC addresses.
Clients can be connected either via WLAN (WLC 5508) or wired via switches.
I'm able to authenticate the users, but the clients themselves never get access to the network. I saw in several discussions that Macs are not able to do machine authentication since they don't provide something like Host/ as Windows clients do.
1. Has somebody had the same experience?
2. Has somebody been able to get this running?
3. Can anyone provide me a link or config example of ACS to
MAC ------- LWAPP -------WLC 5508 -------------------- ACS------------------------Open LDAP
Many thanks for your post. If I understood the referenced doc correctly, they use EAP-TLS with certificates for machine authentication, but my customer only wants to check the clients against their MAC addresses, which are stored in the Open LDAP directory.