cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
571
Views
0
Helpful
3
Replies

ACS and SSID

mironduplessis
Level 1
Level 1

Hi,

We have the following requirement.

SSID 1

Authenticates against cisco radius which uses external active directory to authenticate against

SSID 2

Authenticates guests against cisco radius which uses proxies authentication request to other institutions radius servers

These cisco radius servers are separate at the moment. We would like to combine them into one.

How do you ensure that users on one SSID are authenticated only against the appropriate authentication directory via the one radius.

Regards

Miron

3 Replies 3

Jagdeep Gambhir
Level 10
Level 10

This is possible with a feature called NAP "Network access profile". Here you can set that specific SSID should be authenticated to specific database.

Please check this link,

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/NAPs.html

Regards,

~JG

Do rate helpful posts

JG,

Thanks for the pointers mate.

Within that document it doesnt specify SSID anywhere really. Is that something that is identified in a radius attribute that can be used for the decision making?

Regards

Miron

WLC use DNIS-The called-station-ID (attribute 30) to send SSID name.

So we need to choose attribute 30 from that list.

Regards,

~JG

Do rate helpful posts

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: