ExtremeWireless: How to authenticate users from two AD domains using NAC?

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
Hello, everybody!

I have C5210 controller configured to use Internal captive portal and authorize users in MS-RADIUS (NPS) from Active Directory. Now it's configured only for xxx.local domain. Everything works fine, but now I have to configure also authentication for users in EDU.xxx.local domain.

So, I have installed NAC and it is accessible over NAC console from Netsight (both are 6.3.x). The problem is there is no manual for NAC, just a short document "LDAP_Host Verification for BYOD.pdf" for Enterasys from year 2012. Is there anything more recent and full? Some step-by-step guides?

I've found this topic - https://community.extremenetworks.com/extreme/topics/nac-manager-ldap-integartion-with-sub-domain but it seems there is some difference between 6.1 and 6.3 of NAC&Netsight. 

Could you please give me a link for a suitable manual or help to fill the form below?
The 2nd question how to make controller to authenticate users over NAC?

I can provide all additional information required. Please, help!

Photo of Ilya Semenov

Ilya Semenov

  • 4,384 Points 4k badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 45,086 Points 20k badge 2x thumb
The online help is not that bad but sometimes it's hard to find the right things.

If you've no prior experience with NAC I'd strongly suggest to either attend a official class or pay some partner (like me) to configure it for you and also give you a short workshop to cover basic configuration steps.

-Ron
Photo of Ilya Semenov

Ilya Semenov

  • 4,384 Points 4k badge 2x thumb
Hello, Ron!

There are several fun things, which are usually normal with Extreme Networks:

1) I have no prior experience with NAC (like 99,9% of russian IT staff)
2) There are no NAC courses availaible in Russia (or you have to gather together at least 5 visitors for a course and this is almost impossible because of lack of interest)
3) I am a system engineer from a partner company
4) Still there is no adequate manuals for the Software 

Could you please tell me, how do you appraise your man-hours and its total cost for this job?

Thank you!