We are in process to deploy a wireless for a customer with ACS, where we want A single User/machine to have a login checked with External Identity store and have only one session at a time.
i.e. if User A logged in with Machine A, he should not be able to use Machine B for the same authentication even if the Machine B is having MAC authenticated, (please note that MAC Authentication is not necessory but one user should use only one machine)
I am a little new to the ACS/Wireless, any help would be highly appriciated.
System Administration > Users > Max User Session Global Settings
You can define the Radius Session Attribute that will be identified to uniquely identify Sessions. Please make sure that your NAD send all of these attributes on the accounting start and that they are identidical on all attempts for the same user. You may also try to use more permissive session keys, like only username for example.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...