Cisco avpair SSID and WLC

Unanswered Question
Jul 22nd, 2009

Hi!

I'd like to differenciate users sharing the same ldap directory and radius authentication.

For example, if I have a student and a teacher, i'd like to be sure that the student will stay on its vlans and so on.

I can do this by using vlan attributes and aaa override but if I do that, I will have for example a student connected to the teacher SSID but on the student vlan. It's not a pretty situation...

I read that we can use an cisco avpair attribute to force users to connect only on their SSID but it doesn't seem to work with controller.

Is anybody have a solution for my case?

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
angedibartolo Wed, 07/22/2009 - 23:07

Thanks for your reply.

So, regarding this document, the WLC include by default an information concerning the SSID on its access-request to a radius server, right?

dancampb Thu, 07/23/2009 - 04:38

Correct. The access-request would include the SSID in the access-requests. If the SSID is not one of the ones specified in the DNIS the Radius server would reject the request.

kyawzawhtut Thu, 07/23/2009 - 04:53

Hi

let me piggy back your thread. I have the same issue but I am not using WLC instead I am using "Autonomous AP". I believe by default it will not send ssid in authentication request.

How can I achieve the same result in autonomous ap?

Could you please help.

Thanks in advance.

Regards

Joe

Actions

This Discussion

 

 

Trending Topics - Security & Network