Microsoft Entra ID Sign-In Support for Zyxel APs (Firmware 7.10)
Zyxel Employee
With the firmware 7.10 update, Zyxel APs now support Microsoft Entra ID as a sign-in method for WiFi authentication. This allows enterprises to seamlessly integrate their existing Microsoft Entra ID (formerly Azure Active Directory) with Zyxel's Nebula Control Center (NCC) for secure, centralized authentication.
1. How Does Microsoft Entra ID Authentication Work?
When a user connects to an SSID with Microsoft Entra ID authentication, the process follows these steps:
1. User connects to the WiFi SSID: The AP redirects the user to the NCC agent.
2. NCC agent forwards the request to Microsoft Entra ID (Microsoft sign-in page appears).
3. User enters their Microsoft credentials (username & password).
4. Microsoft Entra ID verifies the credentials and sends an authentication response to the client.
5. Client receives a token: The NCC agent issues a token to confirm successful authentication.
6. Client sends the token to the AP: The AP validates the token with NCC.
7. If valid, AP grants internet access: The user is now authenticated.
2. How to Configure Microsoft Entra ID in NCC
To set up Microsoft Entra ID authentication, you must exchange metadata files between Nebula Control Center (NCC) and Microsoft Entra.
Configuration Steps:
Step 1: In NCC, navigate to SSID Advanced Settings → Sign-in Method → Select "Microsoft Entra ID".Step 2: Download the NCC metadata file and upload it to Microsoft Entra.Step 3: In Microsoft Entra, download the metadata file and upload it to NCC.Step 4: Save and apply changes.
Notes: Microsoft Entra ID authentication is a Pro Pack feature in NCC.
3. Requirements & Compatibility
Supported AP Models
Only 500 and 600 series APs that support Nebula Flex Pro can use Microsoft Entra ID authentication.
If a site contains both supported and unsupported APs:
- The SSID with Entra ID authentication will be disabled on unsupported APs.
Firmware Requirement
- APs must be running firmware 7.10 or later to support Microsoft Entra ID authentication.
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 156 Nebula Ideas
- 106 Nebula Status and Incidents
- 5.9K Security
- 321 USG FLEX H Series
- 286 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 257 Service & License
- 399 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 78 Security Highlight