Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Sergo89
Contributor

Radius Proxy and Identity Awareness

Jump to solution

Hi Folks,

I thought i solve this issue, but last Android version (wireless connection to corp nets) forces me roll back to this problem. Everything have been working fine more than one year, Cisco Wireless Controller use Microsoft NPS (Radius) and CheckPoint like Radius Proxy (accounting). Identity Awareness resolves username and we can see all users sessions from mobile devices in the logs and reports. This method works if user login in to Wireless net ONLY with username (no domain), technically users can login to corp wireless like username@domain.com, but in this case Identity Awareness can't recognize them.  I solved it with realm names and played with attributes in NPS config, just not allowed access, if username entered like this username@domain.com. Unfortunately Cisco WLC sends Radius info same time to Radius Auth and Radius Accounting, and NPS realm changes not impacting to CheckPoint, and second problem NPS also cannot send accounting info to somewhere.  

THe new Android-s requires domain name , No sure, is it possible to make Identity Awareness  little bit "smarter" that recognize format username@domain.com

 

thanks  

0 Kudos
2 Solutions

Accepted Solutions
PhoneBoy
Admin
Admin
Sergo89
Contributor
0 Kudos
2 Replies
PhoneBoy
Admin
Admin
Sergo89
Contributor
0 Kudos