AD Group Mapping Across Different Domain Forest using ACS-AD

When U have the Different Domain Forest and ur implementing Wireless across it and wants to bind SSIDs to respected Domains following points needs to be taken care off
1) Two way trust needs to be form between All Domain
2) Windows Remote Agent needs to be install on One of the Member Server Machine of any of the Domains
3) If there is the Firewall between Domains following ports needs to be open
Here is the port list for Active Directory communication:
TCP Ports: 88, 135, 136, 139, 389, 445, 1025, 1026
UDP Ports: 88, 123, 137, 389 ICMP
4) Link for what needs to be configured on Member Server Machine on which Windows Remote Agent install
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_solution_engine/4.2/installation/guide/remote_agent/rawi.html#wp299851
5) Member Server on which Remote Agent is install should login with user have Domain Admin Priviledge
6) See the Restrict WLAN Access based on SSID with WLC and Cisco Secure ACS Configuration Link for configuration
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807669af.shtml

802.11n Supporting Setting on Wireless LAN Controller

802.11n is activated on Cisco WLC or WiSM only when WPA2 setting is selected , if you select WPA+WPA2 setting then you can get only 802.11a/b/g , though your Access Point support 802.11n (example Cisco Access Point 1252)


By Sachin