Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACS with wireless 802.1x

We have some AP1100 using 802.1x authentication with a ACS server, that is then looking up users on a windows domain, that is working fine.

I would like to be able to have a specific group on the ACS that is then maped to a windows group, and when the wireless users try to get authenticated they are only allowed access if they belong to that group.

In our situation the users could possibly belong to other groups on the ACS, but should not be authenticated when they are in those groups.

just the one specific to the wireless.

any ideas ?

Arni

2 REPLIES
Cisco Employee

Re: ACS with wireless 802.1x

You can implement it through NAR OR do dynamic vlan assignment for only one group, all others can fall into guest vlan or restricted vlan

Following whitepapar can help with NAR:

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_paper09186a00801a8fd0.shtml

Remember for wireless CLI/DNIS NAR work.

~Rohit

Re: ACS with wireless 802.1x

I would vote for CLI/DNIS based NAR in this scenario.

Regards,

Prem

146
Views
0
Helpful
2
Replies
CreatePlease to create content