Cisco Support Community

captive portal with external authentication

Hi,

 

I'm wondering if there is a way to have wireless users authenticate on a captive portal with attributes that are not stored in LDAP.

 

We have ACS servers, wireless controllers, a bunch of access points and Microsoft AD servers.

What I'd like to do is get users authenticated on a certain SSID with specific variables that I have stored somewhere in a DB (not in the AD servers and not defined on the ACS servers).

 

For example, a user has to register on a website with his name, and a token is created, given to the user and stored in a DB. The user comes to the company and uses his name and this token to log on to the wireless.

 

Has anybody ever done this or knows how to? I hope this makes sense.

 

Kr,

Esger

2 REPLIES

That should work so long as the WLC or your AAA can query the DB. In this scenario I would configure ACS to make the DB query, and just point the WLAN to that ACS.

 

Now the danger of this is that an internal user could get on with their credentials if ACS is also looking into AD. So you would also need to configure NAR so that a user whose credentials were in AD would be denied access.

 

HTH,

Steve

Thanks for taking the time to answer my question.

 

Would that be some custom scripting to get the ACS to query the DB and use those data for logon? I don't see how it can be done seeing the data is kept in a DB and not an LDAP server.

 

Thanks,

Esger
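The name-plus-token check discussed in this thread, sketched as an added example that is not from any poster and is not ACS or WLC configuration. The table layout, function names and in-memory SQLite store are assumptions made for illustration; the point is that the guest SSID decision consults only the token DB, so an AD account never matches.

```python
import hashlib
import hmac
import secrets
import sqlite3
import time


def open_store():
    """Hypothetical guest-token DB (in-memory SQLite stands in for the real DB)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE guest_tokens (name TEXT PRIMARY KEY, salt BLOB,"
               " token_hash BLOB, expires_at REAL)")
    return db


def _digest(token, salt):
    # The token is a random 128-bit value, so a salted SHA-256 is adequate here.
    return hashlib.sha256(salt + token.encode()).digest()


def register(db, name, ttl_seconds=86400, now=None):
    """Registration website side: issue a token, store only its salted hash."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(16)
    salt = secrets.token_bytes(16)
    db.execute("INSERT OR REPLACE INTO guest_tokens VALUES (?, ?, ?, ?)",
               (name, salt, _digest(token, salt), now + ttl_seconds))
    return token  # handed to the visitor, never stored in clear


def authorize_guest_ssid(db, name, token, now=None):
    """AAA side for the guest SSID: look only in the guest DB, never in AD."""
    now = time.time() if now is None else now
    row = db.execute("SELECT salt, token_hash, expires_at FROM guest_tokens"
                     " WHERE name = ?", (name,)).fetchone()  # parameterized query
    if row is None:
        return False  # unknown here, including names that exist only in AD
    salt, stored, expires_at = row
    if now >= expires_at:
        return False  # token has expired
    return hmac.compare_digest(_digest(token, salt), stored)  # constant-time


if __name__ == "__main__":
    store = open_store()
    tok = register(store, "visitor")          # constructed sample user
    print(authorize_guest_ssid(store, "visitor", tok))
    print(authorize_guest_ssid(store, "ad-employee", "Passw0rd"))
```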

 
