cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
307
Views
5
Helpful
2
Replies

ACS only allow 7921G phones on a certain SSID - block others

netwrkgod
Level 1
Level 1

Hello, we have just deployed an SSID of hVoIP and applied CAC and QoS. It works well. We have a "data" SSID of DATA.

Is there a way to only allow the Cisco wireless phones to authnticate to this SSID and block, say laptops or other WiFi phones, from authenticating. We don't want people to connect their laptops to this network to get their data prioritized and ruin the network for the calls.

We have LWAPP AP's, WiSM's, and ACS 4.1.

Thanks!

2 Replies 2

Richard Atkin
Level 4
Level 4

Couple of ways you can do this...

First, just have one SSID, and assign users to VLANs and give them ACL / QoS / CoS settings dynamically. This can be done in ACS using the airespace attributes, and enabling "Allow AAA Override" on the WLAN in the WLC.

Second, in your ACS Groups, you can specify which SSIDs a user is allowed to come from, this is done (from memory) using the NDIS settings. With this method, you go to the groups that your data users come from, and specify that they can only connect from the "data" ssid, and same again for the phones.

HTH, plenty of docs on CCO about this...

http://www.google.co.uk/search?hl=en&q=airespace+dynamic+wlan+site%3Acisco.com&meta=

Regards,

Richard

What if the user uses the same username/password for logging into their laptop as they do for the phone?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: