Using ACS in an ACL

Unanswered Question
Apr 15th, 2008

I have what might be considered a strange need.

We have a Cisco wireless network that has both a secured WLAN that our employees use as well as a guest WLAN for visitors and vendors. The catch is that our guest WLAN is not content filtered but our secured WLAN that our employees use is. The problem we now have is that our employees have learned this and are connecting to the guest WLAN to get unsecured access.

We have a Cisco ACS server that we put all our employees' PCs MAC addresses in to grant them wireless access. Is there any way we can do the reverse?

Basically, we want to somehow restrict those whose MAC is listed in the ACS server from being able to use the Guest wireless.

I was thinking we might could create an ACL that denied access on that Guest Wireless VLAN to those whose MAC is listed in the ACS but I have no idea where to begin.

Is this even possible and if so can you just point me in the right direction.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Rick Morris Tue, 04/15/2008 - 12:13

This is a growing issue at a lot of businesses. We are in the process of doing this same thing but using Juniper SSG 550 to make this happen. In our SSG we create a policy map to direct all traffic to our webwasher for inspection before leaving out envorionment.

What kind of filtering are you doing to employee's? What is doing the filtering?


This Discussion