Cisco :: 2504 - Integrating WLC With LDAP Server
Aug 13, 2012
I need to integrate a 2504 WLC with a Windows 2003 LDAP server for extended authentication. Are there any guides available for this?
I am trying to get AD authentication working on a WLC 2504. Can I use the LDAP server configuration for authentication?
What are the possibilities for configuring a WLC to authenticate WLAN users based on their Active Directory user account?
Is this possible by setting up local EAP on the WLC?
I am looking for a solution where there are no changes to the Domain Controller involved and also no setting up of IAS/RADIUS.
WLC:2504
How can I setup the WLC to accept authentication based on the device itself and not a user?
Previously, I was able to configure our Easy VPN Server with local authentication. But now, I am trying to use LDAP authentication to match our policies.
My router is a Cisco1941/K9.
Current configuration : 5128 bytes
!
! Last configuration change at 13:25:16 UTC Tue Aug 28 2012 by admin
! NVRAM config last updated at 05:03:14 UTC Mon Aug 27 2012 by admin
! NVRAM config last updated at 05:03:14 UTC Mon Aug 27 2012 by admin
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
aaa new-model
!
aaa group server ldap ASIA-LDAP
 server server1.domain.net
!
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authentication login ASIA-LDAP-AUTHE group ldap group ASIA-LDAP
aaa authorization network VPN_Cisco local
aaa authorization network ASIA-LDAP-AUTHO group ldap group ASIA-LDAP
!
aaa session-id common
!
no ipv6 cef
!
ip domain name domain.net
ip cef
!
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint
[code]....
Does Cisco Secure ACS 5.3 support LDAP authentication with Apple Mac OS X Server? One of our clients requires an access control system. The major portion of the network consists of Apple Mac OS X 10.7 (Lion) Server and clients. They were using MAC-address based authentication along with LDAP through a Cisco Wireless LAN Controller. But now the number of users has exceeded the maximum number of MAC addresses supported by the WLC (2048). Hence we suggested an ACS appliance to overcome the limit. My doubt is whether the ACS 5.3 appliance can communicate with the Mac server and perform LDAP authentication.
I'm having a problem with a WLC 5508 and LDAP on Windows Server 2008. I already configured everything on the WLC, but when a user tries to authenticate I get this debug result:
*aaaQueueReader: Jul 15 19:27:07.384: 00:1b:77:7b:19:aa Returning AAA Error 'No Server' (-7) for mobile 00:1b:77:7b:19:aa
*aaaQueueReader: Jul 15 19:27:07.385: AuthorizationResponse: 0x3c9ceac4
*aaaQueueReader: Jul 15 19:27:07.385: structureSize................................32
*aaaQueueReader: Jul 15 19:27:07.385: resultCode...................................-7
[code]....
The Linux server should be configured with LDAP, so that no user can log in to that machine with local user credentials, only with his intranet credentials.
I have an ACS 4.2 under Windows; I set it up to authenticate routers by the RADIUS and TACACS+ protocols. Now I have some devices which know only the LDAP protocol. How can I set up ACS as an LDAP server to authenticate those devices?
I'm having a problem configuring local EAP Authentication using a CA (Windows Server) and an LDAP server. I followed the URL:
[URL]
but it seems that the CA has no effect. Any wireless client who has his own LDAP account can access the network. What I want is to only allow some wireless clients to access it if they have an approved CA first.
Is there any way to do layer 3 security, like a web login to an LDAP server, on the wireless portion of the SA 520W? I'm asking because we have this set up on many of our Cisco Wireless Controllers and I would like to do it on the SA520s as well. I'm not sure if it's supported though.
I have a Cisco ACE 20, and I'm trying to set up a serverfarm for my RADIUS server to load balance LDAP UDP accounting packets. The ACE has an LDAP authentication probe but I see no native way of setting up an LDAP accounting probe, without resorting to probe scripting.
I have a 2504 WLC and 1042 APs. Everything worked great in my test environment (of course). Now that I want to deploy the wireless, the APs are not getting an IP from the Windows DHCP server.
I have option 43 configured in dhcp, sub option 241>ip address of the controller
I have my A record in dns, cisco-capwap-controller.
*Mar 1 00:03:17.050: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !!
Not in Bound state.
*Mar 1 00:03:27.050: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !!
*Mar 1 00:03:27.054: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
*Mar 1 00:03:37.054: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !!
*Mar 1 00:03:47.054: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !!
*Mar 1 00:03:57.054: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !!
*Mar 1 00:04:07.054: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !!
Not in Bound state.
Can the 2504 WLC be configured to work with one RADIUS Server for Authentication of Management Users and with a second server for 802.1x EAP-TLS certificate authentication for the end users.
Management Users will authenticate on RADIUS Server 1. Wireless End users will request 802.1x EAP-TLS authentication certificates from AAA server 2.
I want to know if it's necessary to install a Certificate Authority on your RADIUS server. If we have a CA server already in the domain, can we use that for this purpose or do we have to install a Certificate Authority on our DC?
Setting up a DHCP server on a WLC 2504. I'll try to summarize my configuration:
I have 2 networks: inside users (vlan 1) and external users (vlan)
My controller uses the port 1 to connect to the switch, which has a trunk with WLC.
I have two routers, one using vlan 1 (192.168.3.0/24) and one using vlan 10 (200.X.X.X). All ports to these routers are access ports on their respective vlans.
I have 2 SSID, one for inside, other to outside. Inside is working very well.
For the outside I created a DHCP scope and already set the IP of the management interface, 192.168.3.119.
Management interface (vlan 1 inside): 192.168.3.119/24
Outside interface (vlan 10): 200.X.X.195 - Default gateway 200.X.X.X.193
I already checked the DHCP Proxy in the Advanced option.
See the output of the debug client:
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >
[Code].....
I have a customer who has 2 NCS servers; 1 residing at their corporate site and the other residing at their local site. They have a WLC2504 controller at the local site. They would like to connect both NCS servers to the local WLC. Is it possible to connect 2 NCS servers to a single controller? Can WLC configuration databases on two different NCSs be the same? How can you prevent 1 NCS from overwriting the other?
Trying the config as depicted in the WCS 7 config guide? I have tried today to integrate WCS 7 with ACS 5.1 and got a partial success. I have created a unique Shell Profile that is invoked for the WCS only, which contains 1 role (role0=Root) and 73 task entries (as copied from the WCS group pages), and I can log in to WCS with the new account, but there are some things I don't appear to have privileges for, such as Reports. Is there any way to debug which task WCS thinks I don't have to do this?
I am using Cisco LMS 3.2.1 with ACS 5.1. Actually, I want to integrate my CiscoWorks with ACS 5.1 in AAA mode. I already set up the AAA mode to Cisco ACS; when I apply the configuration, it fails as in the attached image.
What should I do to resolve the problem? I have configured the ACS in Network Devices and AAA Clients, and I have added the CiscoWorks address to ACS, but I got the same error.
Besides, would you like to give me some explanation about the function of AAA mode Setup on Cisco Work,
is it used for User Authentication to logging in to Cisco LMS, or is it used for discovery process (Credential Information) when we want to add some devices into Cisco LMS ?
I am trying to populate the LMS 4.1 components to ACS.
Is it possible to assign IP addresses to remote site WIFI users from a local DHCP server and forward all other traffic to the 2504 WLC?
[WIFI Users] >--------<AP (DHCP server) >------ VPN ---------< WLC
I am using ACE30 having s/w version: 4.2. I am using ACS 5.2
I have used the below commands to add ACE with ACS for AAA.
tacacs-server key 7 "nacs0wvd!q"
tacacs-server host 96.86.76.66 key 7 "nacs0wvd!q"
tacacs-server host 96.86.76.67 key 7 "nacs0wvd!q"
[Code].....
I am getting authenticated by ACS, but the problem is that authorization is not happening. In ACS, I have just added the device IP using TACACS+.
I have 3 Cisco AP 1140s at my customer's (Service Industry) place, so they requested us to provide a Hotspot solution to them for managing the Internet connection, limiting it to their Customers over the account system. Let me know how I can integrate a hotspot BOX with the Cisco APs.
We have a WLC 4404 with about 85 1121 and 1241 APs. I just added 6 new 3501Es with antennas and configured a new SSID, but none of my clients can connect to any of the 3501s. One solution from a tech was to update the NIC drivers. I verified that all test clients are 802.11N, and sometimes they find the 3501 but often they switch to another of the older and weaker 1121s or 1241s. On one test I had a 3501 just outside his room and his client NIC was picking up a weak signal 2 floors up, then it would go to one 1 floor down. Eventually we could get it to feed off the nearest 3501 but it would go back to another 1121 or 1241 soon thereafter.
I know nothing about Tablets (iPad or Android) or their operating systems. My wife is interested in getting an iPad 2 or Android tablet.
I have a home WiFi network based on two laptops and a desktop. They are all running Windows OS. I also have 3 external drives and two printers USB wired into the main desktop.
I have two questions:
1) Will I be able to integrate an iPad/Android tablet into the Windows home network so as to be able to access the .jpg photographs on the desktop drives?
2) Will the tablet be able to output work to the printer attached to the Windows Desktop?
I have a single production 5510 with 2 contexts. Now I want to integrate the secondary failover unit. My question is: How much configuration needs to be done on the secondary firewall? How much of the configuration will be sync'd from the primary to the secondary when the secondary is connected?
For example, do I need to add the following on the secondary or will it be sync'd from the primary?
admin-context NAME
context NAME
allocate-interface Ethernet0/0.14
[Code].....
We have an existing network with a Catalyst 4510 core switch and departmental 3560 switches connected via fiber. Due to company restructure we can no longer afford to buy new 3560's when anything goes wrong so this week I purchased an SG200-26 which I'm trying to get onto the network.
This is a legacy network which I didn't setup so my Cisco skills are somewhat limited (another reason for the SG200's hopefully), anyway have been looking at the configs on the existing switches and trying to match settings in the SG200 setup however not getting anywhere! I have the config from the dead switch so I can show what needs to be achieved, any experience in downgrading environment in a similar way?
I've just started a new job after a couple of years not touching Cisco gear and been pitched in... My new employer has a network that's Juniper based. We've inherited a load of Cisco switches as part of the deal for hosting matches during the Rugby World Cup (plus a load of Aruba wireless gear that promises to be my very own special millstone, but that's by the by.)
My task is to hang these catalyst 2960's onto our existing infrastructure via fibre connections.
On the Juniper switch, there are four vlans being pushed to the port the cisco's hooked into: Code...
Here is the scenario: A mid-sized IP based camera network (150 cameras, 1 management server, several client workstations, and several recording servers) has been implemented on a stand-alone LAN utilizing a class C configuration and is set up as a windows domain. The user now wants to add the ability for workstations on the existing class B network to connect (with client software) to the management server on camera network, network is controlled by enterprise sized domain (Think county). Access is controlled by camera system client software credentials. Here are my questions:
1) What is the best way to do this and what hardware is required? I thought about just adding a NIC to the management server but am concerned about the 2 different domains playing well together. Would a router be best? What do I need to consider as far as setting up firewall and/or gateway?
2) What considerations do I need to take into account regarding the camera network not bogging down the existing user network?
3) The workstations on the camera network are not as “locked down” as they are on the user network (again, think county network security). Will I be creating a security hazard and if so, how can I prevent this?
I am facing an issue while trying to configure LDAP integration on a Cisco ASA firewall. The requirement is to allow remote access VPN to a specific group defined in AD. When I checked the debug logs ("debug ldap 255"), it shows that the authentication is successful with the LDAP server, but the LDAP attribute is not getting mapped, and because of this the tunnel-group default group policy of "NOACCESS" is getting applied (vpn-simultaneous-logins set to zero), which results in zero connections.
I confirmed this by changing the value in NOACCESS from zero to one and found that the VPN then connects.
The name of user account is testvendor that belongs to the group of Test-vendor.
The configuration and debug output is shown below.
SHOW RUN
ldap attribute-map ABC-VENDOR
map-name memberOf Group-Policy
[Code]....
Is it possible to encrypt password provided for the ldap-login-password attribute in the ASA configuration? Our auditor is not comfortable with the LDAP (AD) password appearing in clear text in the configuration
I have a Cisco ASA 5505 with Security Plus. I configured remote VPN with the ASA for LDAP authentication, which works as I want. Now I have a requirement that some users need to get access via remote VPN but they are not part of OUR SERVER Active Directory. Is there a possibility that users have access to the remote VPN without creating an account in AD, and perform local authentication via the firewall for them?
I have some problems integrating a WLC 4400 with AD using LDAP. The WLC LDAP Server and WLAN for Web Authentication are configured according to [URL].
When I connect to the SSID the laptop is given the IP address, then I can see the web page with login and password - it seems to be OK, but when I enter the login and password it tells me that it's incorrect.
The attributes of the LDAP server:
Server Address *.*.*.*
Port Number 389
User Base DN ou=ORG,dc=domain,dc=local
User Attribute userPrincipalName
User Object Type Person
the test user is located in AD folder ORG, but this folder also contains a lot of sub trees
There are some questions:
1) Is it obligatory to use the value "Authenticated" in the Simple Bind option, or can it be Anonymous?
2) Is the Controller capable of searching for users located in sub trees of the User Base DN?
Here is some debug from the controller:
667: LDAP_CLIENT: UID Search (base=.....
669: LDAP_CLIENT: ldap_search_ext_s returns 0 85
669: LDAP_CLIENT: Returned 1 msgs including 0 references
[Code]....