06-10-2008 06:27 AM - edited 07-03-2021 04:00 PM
setup is cisco acs for authentication. clients use PEAP/WPA/TKIP. I need to assign a static ip address for a specific login as access will be restricted for this ip. the problem is the user can potentially connect to the wireless network obtaining another address and have access. how can i set the login under the acs to be mapped to that ip address?
06-10-2008 11:00 AM
Why don't you just create a mac reservation in your dhcp server. That way they will always obtain the same ip address.
06-10-2008 11:04 AM
I intend on doing that but i am concerned if they input a static ip address that is not the one assigned to them or use a different laptop, they would then still be able to sign on with the account created on the radius server.
06-11-2008 04:27 PM
Can you restrict the laptop?
Create another VLAN and assign that user via ACS to that VLAN?
06-11-2008 06:45 PM
Yes you can..... take a look at this doc. It should have all the info you need.
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00808c9bd1.shtml
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: