Monday, January 19, 2015

ISE 1.3 + vWLC 7.6 - Basic 802.1x Configuration for Wireless Devices

I have setup ISE 1.3 + vWLC 7.6 in my lab virtually on my UCS server.  Good thing is now ISE 1.3 comes with a OVA, which you can deploy and use immediately without lengthy installation.  It still needs to go through a wizard and need some time to initialize the database, but comparatively easier than pervious release.  vWLC also comes with a evaluation license that you can test things out after you accept the EULA.  Here is a step-by-step guide to configure basic 802.1x authentication for wireless devices using ISE local DB.

1.  Add ISE as Authentication Server, is my ISE IP address.
2. Add ISE as Accounting Server
3. Add a WLAN, the SSID of my testing WLAN is DW-BYOD
Remember to enable AAA Override, choose Radius NAC under NAC state and check DHCP Profiling (this is just used to feed info to my ISE for device profiling).  In my lab I am using FlexConnect local switching therefore you can see I have checked that checkbox.

4.  Create Users on ISE, now I am going to use the ISE local database.

Done!  You should now able to access your SSID using the user credentials that you have created in ISE local database.  

The next post we will go a step further, to configure BYOD with EAP-TLS and self on-boarding capability.

No comments: