Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco ACS Service Selection Rule using Called-Station-ID

We're currently running a Cisco ACS 5.3.0.40 VM appliance and using this to authenticate wireless clients from a Cisco 5508 WLAN setup.  I've setup a Service Selection rule to match RADIUS Protocol and a Compound Condition where RADIUS-IETF is looking for Called-Station-ID to match the MAC of the AP along with the SSID.  I also have a catch all rule to match only RADIUS and authenticate via AD.

When looking at AAA Authentication logs, I'm seeing the correct info on successful authentication (<MAC>:<SSID>) but I'm not seeing any rule hits when looking at the Service Selection Rules after doing a manual refresh of hits.  Am I missing configuration somewhere for this to work?

 

1 REPLY

Tony,Your setup completely

Tony,

Your setup completely makes sense but could you share some screenshots?

Are you using "contains" in the called station id value?

Rate if Useful :)

Sharing knowledge makes you Immortal.

Regards,

Ed

104
Views
0
Helpful
1
Replies