Authentication question

Unanswered Question
Jun 10th, 2008
User Badges:

setup is cisco acs for authentication. clients use PEAP/WPA/TKIP. I need to assign a static ip address for a specific login as access will be restricted for this ip. the problem is the user can potentially connect to the wireless network obtaining another address and have access. how can i set the login under the acs to be mapped to that ip address?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Tue, 06/10/2008 - 11:00
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Why don't you just create a mac reservation in your dhcp server. That way they will always obtain the same ip address.

d.muccillo Tue, 06/10/2008 - 11:04
User Badges:

I intend on doing that but i am concerned if they input a static ip address that is not the one assigned to them or use a different laptop, they would then still be able to sign on with the account created on the radius server.

dgroscost Wed, 06/11/2008 - 16:27
User Badges:

Can you restrict the laptop?


Create another VLAN and assign that user via ACS to that VLAN?


Scott Fella Wed, 06/11/2008 - 18:45
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Yes you can..... take a look at this doc. It should have all the info you need.


http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00808c9bd1.shtml

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode