Max login enforcement using ACS

Unanswered Question
Mar 3rd, 2009

Hi All,

Recently I deployed a credentials-based wireless security, based on WPA2/802.1x and PEAP.

I was using 3 WLC 4400 controllers, version and 1 ACS server version 4.1.

Everything is working fine except the fact that each username/password can log in multiple times, while this should be just one login per user.

I read about the setting: Security -> AAA -> User Login Policies in the WLC, but I also read that this is a setting which applies to all WLANs, not just the one I'm adding.

Does anybody know how to limit the number of allowed logins using the ACS user/group policies?

Thx in advance.

Leo Laohoo Tue, 03/03/2009 - 21:03

In the WLC, go to Security -> AAA -> User Login Policies

Under "Max Concurrent Logins for a user name", change the number to your desired settings.

Hope this answers your question.

HHagendoorn Wed, 03/04/2009 - 08:10

Hi Ieolaohoo,

Thx for your answer. I understood this is a global setting, which affects all defined WLANs.

So I prefer using the ACS to enforce a user/group policy or something.

Any idea about how to configure this?

Leo Laohoo Wed, 03/04/2009 - 14:47

Unfortunately, no. We had the ACS running well when I configured the WLC recently. This is how we "police" the number of allowed logins per user when using the Wireless.

My reason is because sometimes I have to log in to routers/switches more than once and I don't want THIS policy to prevent me from doing so.

Does this help?

HHagendoorn Thu, 03/05/2009 - 01:06

Unfortunately not. If you have to log in more than once on a router/switch you should create a separate account for that. Each account can get its own set of policies.

The problem here is that the ACS doesn't enforce these policies.

