Cisco Secure, wireless customers, restricting access

kimlong · ‎10-10-2003

Hello,

I looked though the ACS docs and didn't see anything specific to my question. I was looking for a white paper or similar info on how to restrict our wireless users to a specific subnet on the network - not allow them access to the subnet where our servers reside.

I was thinking that I could do this with the pool assignment options on the ACS server and then apply an ACL on our 6509 mfsc.

Is there another way to do this?

Thanks.

Kim

jsivulka · ‎10-16-2003

Using an ACS server is the right way to go. Have a look at the following link for a better idea.

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/c.htm#224846

scottmac · ‎10-20-2003

Depending on which wireless you have (Cisco / Non-Cisco, 340, 350, 1100, 1200, IOS or VxWorks), you may already be able to establish a VLAN at the Access Point and carry it to/through your switch/router and control it with ACLs, filters, policy routes, etc.

If you need a per-user configuration, then you can add additional control with the ACS and maybe even 802.1x.

What kind of wireless do you have? If it's Cisco, is it VxWrorks or IOS, and which version(s)?

Scott

kimlong · ‎10-21-2003

Hi,

Thanks for responding. I clarified what my requirements are and used the ACS to do everything.

Kim