cancel
Showing results for 
Search instead for 
Did you mean: 

NAC - A3- Microsoft Entra ID (Azure AD) - 802.1x authentication - Regarding

NAC - A3- Microsoft Entra ID (Azure AD) - 802.1x authentication - Regarding

drthiruna
New Contributor II

Hi, 

Our License is Microsoft Entra ID Basic for EDU (Azure AD). It is free for the Higher Educational Institutions and Universities. 

We have a registered domain (example.edu.in). Configured the realm as example.edu.in. In addition, 

I configured one more realm as example.onmicrosoft.com. 

Which one is correct? 

Will the NAC support the 802.1x authentication of the users against this Azure AD Free? or we need a paid edition? 

I need to configure the NAC for 802.1x and eduroam authentication. 

In addition, is it mandatory to have a local AD for configuring the NAC?

Thiru
1 ACCEPTED SOLUTION

Zdeněk_Pala
Extreme Employee

Hi,

you can validate credentials in Eduroam.

You can validate credentials in Entra ID through 802.1X EAP-TTLS (translated to OAUTH2). If you want to use EAP-PEAP then you need local AD mirror running the connector to Entra ID.

You need to define under what conditions you will use what backend = when you use Entra ID and when Eduroam. It can be based on SSID for example.

If you can use OAUTH2 against Entra ID Basic is probably question to Microsoft licensing specialist. I do not know.

hope it helps.

Regards Zdeněk Pala

View solution in original post

1 REPLY 1

Zdeněk_Pala
Extreme Employee

Hi,

you can validate credentials in Eduroam.

You can validate credentials in Entra ID through 802.1X EAP-TTLS (translated to OAUTH2). If you want to use EAP-PEAP then you need local AD mirror running the connector to Entra ID.

You need to define under what conditions you will use what backend = when you use Entra ID and when Eduroam. It can be based on SSID for example.

If you can use OAUTH2 against Entra ID Basic is probably question to Microsoft licensing specialist. I do not know.

hope it helps.

Regards Zdeněk Pala
GTM-P2G8KFN