802.1x authentication with Microsoft IAS

Discussion in 'Cisco' started by wisdom1999, Jan 31, 2006.

  1. wisdom1999

    wisdom1999 Guest

    Hi Guys can anyone send me documentation on how to set this up? I have
    been reading a few documents. Do i need to have a certifcate
    authourity in place? I have been using IAS to authenticate my dialup
    users who connect to a cisco 2511 and that works well. Please help me
    if you can. Thanks much.

    PWM
     
    wisdom1999, Jan 31, 2006
    #1
    1. Advertisements

  2. wisdom1999

    John Smith Guest



    please be more specific...
    what kind of users do you want to authenticate? wireless? vpn? etc...
     
    John Smith, Jan 31, 2006
    #2
    1. Advertisements

  3. wisdom1999

    wisdom1999 Guest

    I want to authenticate LAN users. Users who connect to my cisco
    switches. I have a problem of contractors comming into my organization
    and plugging into a free port and getting network access. I want to
    stop that.

    PWM
     
    wisdom1999, Jan 31, 2006
    #3
  4. wisdom1999

    Vivek Guest

    For 802.1x with IAS/AD the options are pretty limited.

    You can only use PEAP or EAP-TLS

    Hence, you will need a server certificate (peap and tls) and client
    certificate (tls only).

    If you have a CA then it saves you the hassle of getting the certificates
    from a third party.
     
    Vivek, Feb 1, 2006
    #4
  5. wisdom1999

    wisdom1999 Guest

    Thanks much for your reply.
    I will now have to figure out how to set up the CA. Do have any links
    that you can send me on how to configure this setup?
    Thanks again for your assistance.

    PWM
     
    wisdom1999, Feb 2, 2006
    #5
  6. wisdom1999

    Vivek Guest

    Sorry no documents handy for IAS. We use ACS.
     
    Vivek, Feb 2, 2006
    #6
  7. wisdom1999

    wisdom1999 Guest

    Thanks none the less.

    PWM
     
    wisdom1999, Feb 3, 2006
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.