08-09-2007 03:14 AM - edited 07-03-2021 02:27 PM
Enabling the "Authorize APs against AAA" option in the Wireless LAN Controllers requires you to add the MAC addresses to the ACS server so that the controllers can check the MAC address against RADIUS. If this option is enabled and the MAC addresses are added to the ACS, could a user potentially use the MAC address of an Access Point to gain access to the wireless network?
08-09-2007 12:28 PM
no, it will allow only if the mac is in acs database as a user. If AP mac is not listed it can't be used to login.
Regards,
~JG
Please rate if helps
08-10-2007 06:09 AM
I think that maybe I'm not being clear. If I have a single ACS server with normal users as well as mac addresses entered as users, couldn't you use one of the mac addresses to authenticate with using PEAP? I assume there is some method to prevent this from occuring.
08-11-2007 12:43 PM
You can use a feature called NAP (Network access profile) in ACS.
Regards,
~JG
Please rate helpful posts
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: