Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Ciscosecure ACS / Wireless access

I have a pool of laptops that need wireless access to my network . This pool of laptops will be shared by system admins and user community accessing the same wireless network.

Is it possible to use the ACS server for authentication such that based on the username/password combination, the user / admin is restricted access to my network?

I want the admins to be able to access my internal network but the users denied access to the internal network and only to the Internet

5 REPLIES
Cisco Employee

Re: Ciscosecure ACS / Wireless access

Cisco's AP will not support that yet..

New Member

Re: Ciscosecure ACS / Wireless access

I was thinking on the lines of using LEAP with the APs.

The users /admins get authenticated against the ACS database. Based on the user/password, they get assigned a a group from the acs.

Silver

Re: Ciscosecure ACS / Wireless access

Hi,

When you use LEAP, it is possible to assign users to a specific group on ACS, but still what you are trying to do is not possible, because AP is not yet capable of accepting the downloadable ACL.

Thanks,

Mynul

New Member

Re: Ciscosecure ACS / Wireless access

Are you implying that APs will eventually accept downloadable ACLs from ACS? That would be great!

New Member

Re: Ciscosecure ACS / Wireless access

Hi there,

The solution to this problem: create 2 ssid's mapped to 2 different vlan's. From ACS v3, v3.1, v3.2 you can force the user to be member to a specific vlan despite the ssid user was au-thenticated. Then you can put access-lists on vlan interface.

192
Views
0
Helpful
5
Replies
CreatePlease to create content