Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Limit the sessions of authentication

Hi my name is Ivan

I have a wireless network working with 3 profiles of users:

Profile 1: Corp with 802.1x peap maschap v2

Profile 2: Alm with Web Authentication are validating credentials from a ACS 5.3 and AD 2008 R2

Profile 3: Guest with Web Authentication validating credential from the Cisco Lobby Ambassdor.

My customer need limit the amount of sessions to the authentication, for example:

One user  of any Profile (Corp, Alm, Guest) just must authenticate to the network wireless using only twice their credentials, from any device

My customer doesn't need authenticate the device (By MAB, or another method).

Is possible to do it in the WLC or perhaps in the ACS 5.3?. Or perhaps in only two Profiles, or only one?.

Please could you give me an advice to do it?

Thanks for your answers.


  • Other Wireless - Mobility Subjects
Hall of Fame Super Silver

Re: Limit the sessions of authentication

Well the issue is that you have multiple sources where the credentials are located. You have an option on the WLC to limit the max login but that is only good for that WLC. If you have multiple WLC's , that wouldn't work so well if they connect to another ap on a different WLC. Bringing authentication to a single source like ISE you would be able to do that, but I think it's on the next release that it will be available.

Sent from Cisco Technical Support iPhone App

Thanks, Scott *****Help out other by using the rating system and marking answered questions as "Answered"*****

Re: Limit the sessions of authentication

There is command on WLC "max-login-ignore-identity-response" which limit the number of devices but as Scott said if you are using more than one WLC then it will not work. You have to deploy ISE 1.2 which is going to be release in the last week of this month. With the help of this you can achieve your goal.

New Member

Re: Limit the sessions of authentication

Hi Scott And Ravi, thanks for your answers

I have one wlc and 3 ssid. Im going to try to do all your advice, to limit the amount of sessions of the authentication.