Authorize APs against AAA

Unanswered Question
Aug 9th, 2007
User Badges:

Enabling the "Authorize APs against AAA" option in the Wireless LAN Controllers requires you to add the MAC addresses to the ACS server so that the controllers can check the MAC address against RADIUS. If this option is enabled and the MAC addresses are added to the ACS, could a user potentially use the MAC address of an Access Point to gain access to the wireless network?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jagdeep Gambhir Thu, 08/09/2007 - 12:28
User Badges:
  • Red, 2250 points or more

no, it will allow only if the mac is in acs database as a user. If AP mac is not listed it can't be used to login.



Please rate if helps

SHANNON WYATT Fri, 08/10/2007 - 06:09
User Badges:

I think that maybe I'm not being clear. If I have a single ACS server with normal users as well as mac addresses entered as users, couldn't you use one of the mac addresses to authenticate with using PEAP? I assume there is some method to prevent this from occuring.


This Discussion



Trending Topics - Security & Network