Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

ACS EAP-FAST and LEAP restrictions. regarding 7920 wireless phones

Hello, The 7920 still doesn´t support EAP-FAST. So I´m wondering if it is possible to restcrict EAP-FAST users from turning LEAP on. Is there a way in ACS to do that ?

5 REPLIES
New Member

Re: ACS EAP-FAST and LEAP restrictions. regarding 7920 wireless

You can disable LEAP support on a global basis via

System COnfiguration -> Global Authentication Setup

And disable LEAP, by unchecking the LEAP checkbox

Re: ACS EAP-FAST and LEAP restrictions. regarding 7920 wireless

Thanks but I am running LEAP for the phones so I don´t whant to do that. I was wondering if this could be restricted so only 7920 phones could use LEAP but others only EAP-FAST. I cant see a way but I wanted to doublecheck if there was a solution.

Super Bronze

Re: ACS EAP-FAST and LEAP restrictions. regarding 7920 wireless

Hi

Kristjan's question above is a good one - I'm looking for a similar answer...

I.e. can I add all my 7920 handset usernames to a group, and only allow these to do LEAP?

Also can I restrict LEAP users to a set of pre-defined MAC addresses?

Thanks

Aaron

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
New Member

Re: ACS EAP-FAST and LEAP restrictions. regarding 7920 wireless

Hi,

I am facing the same problem, does anyone get an answer or an idea ?

thanks

Luc

Silver

Re: ACS EAP-FAST and LEAP restrictions. regarding 7920 wireless

If you can upgrade to ACS v4.0, then you can use the Network Access Profile feature by which each specific network service can have its own authentication and authorisation policy.

If you IP phones all go into an NDG you can create a specific policy just for than NDG.

et voila!

226
Views
0
Helpful
5
Replies
CreatePlease to create content