Manualshelf

Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances
121122123124125126127128129130
122 | Preparing for 802.1X Wireless Authentication with Active Directory Dell Networking W-ClearPass Deployment Guide
This section describes how to use the W-ClearPass Policy Manager to configure 802.1X authentication with
Active Directory in a Dell network.
Authenticating Against Active Directory
802.1x authentication can be used to authenticate users or computers against a user database or domain such
as Microsoft Active Directory (for related information, see Preparing for Active Directory Authentication on
page 93).
The supplicant (wireless client) authenticates against the RADIUS server (which is the authentication server/W-
ClearPass Policy Manager server) using an EAP method configured on both the supplicant and the RADIUS
server. They will, in turn, negotiate which EAP method to use based on the list of EAP methods each one
supports.
The mobility controller's (authenticator) role is to send authentication messages between the supplicant and
authentication server. This means the RADIUS server is responsible for authenticating users.)
Mobility controllers perform EAP exchanges between the supplicant and convert these to RADIUS access-
request messages that are sent to the RADIUS server's IP address and the specified UDP port (for details, see A
Tour of the EAP-PEAP-MSCHAPv2 Ladder on page 191).
About the 802.1X Wireless Service
The basic Policy Manager use case configures a Policy Manager Service to identify and evaluate a RADIUS
request from a user logging into a Mobility Controller.
Figure 110 illustrates the authentication process flow for an 802.1X Wireless Service.
Figure 110 802.1X Wireless Service Authentication Process Flow
Table 19 provides descriptions of each of the 802.1X authentication processes illustrated in Figure 110.