Tom,
Our dorms are setup exactly like that, most machines now using their
native supplicant will cache the credentials which will at least give
the illusion of a single sign-on using the captive portal. The biggest
problem we have helpdesk-wise is that we use different credentials for
802.1x and the Resnet captive portal. We are terminating the eap
session on the controller and have had great success with it. You may
need to play around with ssid/vlan/acl depending on what you mean by
the students not being part of your domain, let me know if you'd like
to discuss further!
Garrett Harmon
Network Engineer
Office of Information Technology
The Ohio State University
614.292.2122 (o)
614.747.5539 (c)
On Jun 24, 2009, at 9:24 AM, Tom Parenti wrote:
Hello All,
We are looking to start doing 802.1x authentication on our student
wireless. We are an Aruba customer and we use Cisco NAC.
Today we have an open SSID. The students connect to the SSID, open a
web browser and are redirected to the Cisco NAC log on page. We
would like to continue with the single sign on with NAC if possible.
I think that would mean the students would have to cache their
credentials in the supplicant to get authenticated to the new 802.1x
SSID. Student computers are not part of our domain.
Has anyone had any experience setting up 802.1x with NAC?
Thanks,
Tom
________________________
Tom Parenti
Network Administrator
Johnson & Wales University
8 Abbott Park Place
Providence, RI 02903
(401) 598-1557
Spam
Not spam
Forget previous vote
********** Participation and subscription information for this
EDUCAUSE Constituent Group discussion list can be found athttp://www.educause.edu/groups/
.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
