I have some WiFi AP and I am working on to introduce centralized authentication with ACS: using PEAP. All MAC address is registered in ACS as user and my question is how can I forbid for these MAC addresses (users) that they can't access the VTY of APs? Since now with MAC address (username) and password (same MAC) I can login to the AP, what is not so secure..
you need to configure login and/or authorization on your AP to allow only certain users/groups from TACACS+ server (ACS). These users/groups are then configured with TACACS+ access level/privilege in ACS.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...