
Wi-Fi - Azure AD (AAD) Authentication + Per-VLAN assignment


leonarit
New Contributor

Hi,

I would like to ask if anyone knows if it's possible to use only Extreme hardware/software to do a Wi-Fi deployment where a single SSID will be using Azure AD for user authentication and also have the possibility to map a specific user/group to a specific VLAN/group policy.

Currently I'm using Cisco gear with a RADIUS server cloud provider (ironwifi) that uses Azure AD as user DB backend, but would like to know if Extreme has any kind of native AAD integration.

 

Best regards.

 

 

5 REPLIES

James_A
Valued Contributor

I’ve read of people enabling Azure AD Domain Services, which enables LDAP and then installing a RADIUS server (which could be ExtremeControl) in a new OU in Azure AD DS, which can then authenticate MS-CHAPv2 for EAP-PEAP.

However, you may want to consider some sort of onboarding with certificates (e.g. from Intune) rather than using username/password.

JonasD_Complit
Contributor

With ExtremeCloud IQ we have an integration with Azure based on PPSK. You can do segmentation based on VLANs. Have a look at: https://wiflex.eu/wifionboarder-gsuite-azure/

StephanH
Valued Contributor III

Hello leonarit,

 

Sorry for the confusion. I just wanted to say that Identifi cannot speak directly to Azure.

AD/LDAP was just an example.

Since Identifi controllers (your answer was posted in the Identifi channel, therefore I assume your question is about Identifi products) and APs are already tagged with an EoS date, these devices will not speak to Azure in the future.

 

This might be implemented in the future only for XCC or CloudIQ. Here I do not know any plans.

 

As of May 2020 there was no support for NAC and XCC (=XCA). See here:

https://extremeportal.force.com/ExtrArticleDetail?n=000039180&q=azure

 

Regards

Stephan

 

 

 


leonarit
New Contributor

Hi StephanH, the Azure AD doesn't support LDAP; it's based on an Azure service that's only accessible through some type-specific connectors (OpenID Connect, etc.).

 

I was told by someone that has Extreme knowledge that it was possible. I will try to check with someone from product management.

 

Best regards.
