Fortigate + Cisco WCL + APs , active directory auth?

Author
joebrug
2018/06/27 13:08:56 (permalink)

Fortigate + Cisco WCL + APs , active directory auth?

Hi all..
 
I'm currently using FSSO to authenticate my Windows users with the Fortigate, where I have web filtering policies set up, etc., so they can/can't get to certain categories.
 
I want to do the same for wireless devices connecting to our internal WiFi. We have Cisco APs connected to a Cisco WLC 2504 wireless controller. I was able to set up LDAP on the WLC, which prompted me for a login on my phone; it took my AD credentials and let me in. However, the Fortigate never recognized me as my AD user, only as the IP address of my phone. So I wasn't falling into the right web filtering policies, etc.
 
What's the right way to accomplish this? If I can provide more useful details, please let me know. Thanks!
#1


    joebrug
    Re: Fortigate + Cisco WCL + APs , active directory auth? 2018/08/22 09:17:56 (permalink)
    Never got a response to this? :\
    #2
    pyy
    Re: Fortigate + Cisco WCL + APs , active directory auth? 2018/08/27 13:02:13 (permalink)
    Hi Joe,

    The WLC only checks your username and password and performs an action if they match.
    It does not generate a logon event for FSSO to allow you to browse the internet.

    In that case, I believe that FortiAuthenticator can help you with your design.


    #3
    joebrug
    Re: Fortigate + Cisco WCL + APs , active directory auth? 2019/03/01 10:32:41 (permalink)
    I still haven't figured this out and it's come back up on the project list. Do I really need more software/hardware to accomplish this?
     
    Again, Cisco WLC/APs connecting to Fortigate 200D running 5.4.9.
     
    I use FSSO for desktops to authenticate against Active Directory, so I can see who is who on web filtering. I want to do the same thing for wireless devices. Right now, all I see is IP addresses on the WiFi subnet.
    #4