09-08-2008 09:01 AM - edited 07-03-2021 04:25 PM
We recently added a guest WLAN to our 4402 controller and have successfully created and used "guest accounts". The issue we are having is our corporate users can connect to the guest WLAN and use their credentials to authenticate to the guest WLAN. Is there a way to limit Web Authentication to not utilize our ACS in addition to the local user name/password accounts created on the WLC?
Solved! Go to Solution.
09-08-2008 04:43 PM
What you need to do is create 3 bogus radius servers and then on the guest wlan ssid, point the 3 bogus radius servers on that. This will prevent the internal users from authenticating to the correct radius server. If you need to know.... the WLC will look up the local account first and if there is no valid username and password, then the wlc will automatically look at the radius servers setup on the wlan. If no radius server are defined, then the wlc will look at the other radius servers configured on the wlc.
Hope this helps.
09-08-2008 04:43 PM
What you need to do is create 3 bogus radius servers and then on the guest wlan ssid, point the 3 bogus radius servers on that. This will prevent the internal users from authenticating to the correct radius server. If you need to know.... the WLC will look up the local account first and if there is no valid username and password, then the wlc will automatically look at the radius servers setup on the wlan. If no radius server are defined, then the wlc will look at the other radius servers configured on the wlc.
Hope this helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide