Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Guest WLAN Authentication Issue

We recently added a guest WLAN to our 4402 controller and have successfully created and used "guest accounts". The issue we are having is our corporate users can connect to the guest WLAN and use their credentials to authenticate to the guest WLAN. Is there a way to limit Web Authentication to not utilize our ACS in addition to the local user name/password accounts created on the WLC?

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Guest WLAN Authentication Issue

What you need to do is create 3 bogus radius servers and then on the guest wlan ssid, point the 3 bogus radius servers on that. This will prevent the internal users from authenticating to the correct radius server. If you need to know.... the WLC will look up the local account first and if there is no valid username and password, then the wlc will automatically look at the radius servers setup on the wlan. If no radius server are defined, then the wlc will look at the other radius servers configured on the wlc.

Hope this helps.

-Scott
*** Please rate helpful posts ***
1 REPLY
Hall of Fame Super Silver

Re: Guest WLAN Authentication Issue

What you need to do is create 3 bogus radius servers and then on the guest wlan ssid, point the 3 bogus radius servers on that. This will prevent the internal users from authenticating to the correct radius server. If you need to know.... the WLC will look up the local account first and if there is no valid username and password, then the wlc will automatically look at the radius servers setup on the wlan. If no radius server are defined, then the wlc will look at the other radius servers configured on the wlc.

Hope this helps.

-Scott
*** Please rate helpful posts ***
289
Views
5
Helpful
1
Replies
CreatePlease to create content