1. ISE & AD Integration

2. Configure Dot1x Authentication using AD

	A. Configure the relationship between ISE and the Switch
	B. Configure the Switch for Dot1x Authentication
	C. Configure the Authorization Profiles & Policies on ISE based on AD Groups
	D. Configure SW1 as a DHCP Server & R1 as the Relay Agent
	D. Login and verify

3. Generate a CSR/Identity Certificate for the FMC

	A. Generate a Key for the FMC
	   openssl genrsa -out FMC.key 4096

	B. Generate a CSR to be used to issue the Identity Certificate for the FMC
	   openssl req -new -key FMC.key -out FMC.csr

	C. Copy the files from the FMC to the local PC using a SFTP program (WinSCP)
	D. Download the Root Certificate of the CA Server (http://10.1.1.2)
	E. Request an Identity Certificate for the FMC based on the CSR downloaded. Name the file generated as FMC-ID.

4. Generate a CSR/Identity Certificate for ISE

	A. Enable the pxGrid Service.
	B. Download and Trust the CA Server.
	C. Generate a CSR to be used to issue the Identity Certificate for ISE.
	D. Request an Identity Certificate for ISE based on the CSR generated. Name the file generated as ISE-ID.
	E. Bind the file to the CSR in ISE.

5. Integrate FMC with ISE & AD

	A. Integrate FMC with ISE. You will upload the Root Certificate and the ID Certs on FMC. 
	B. Keep an eye on ISE for pxGrid Incoming requests
	C. Integrate FMC with AD.
	D. Keep an eye on ISE for pxGrid Incoming requests
	E. Add the Directory IP under the Realm.
	F. Add the Groups and download them.

6. Create an Identity Policy to use the Realm that was created in the previous task.

	A. Create an Identity Policy (IP-KBITS)
	B. Add the Realm.

7. Edit the ACP to use Groups & Users

	A. Include the Identity policy in your ACP
	B. Create ACP rules based on AD Groups/Users.
	C. Deploy