Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Silver

Access restriction based on SSID

Hello,

I am interesting in a solution for access restriction based on SSID. I use RADIUS and ACS. Is there any solution to do limitation based on SSID? I use AP1200 series...

Thanks in advance...

FCS

3 REPLIES
Silver

Re: Access restriction based on SSID

I found use cisco-av-pair attributes to do this limitation:

Cisco IOS/PIX 6.x RADIUS Attributes

[009\001] cisco-av-pair

ssid="ssid-name"

bye

FCS

Community Member

Re: Access restriction based on SSID

Hi,

I am attempting this same result: SSID restriction based on group membership.

When I re-configure the NAS client as Cisco IOS/PIX 6.x in order to rely on the cisco-av-pair field, this works great to limit the user to only the specified SSIDs, however the Access Point is no longer able to austhenticate to WDS since it uses LEAP authentication to the same RADIUS server - the Cisco IOS/Pix 6.x option does not support LEAP...

Is there any way to change WDS authentication from LEAP to EAP-FAST for example? Or can we implement cisco-av-pair under Cisco Aironet for this?

Thanks,

Curtis H.

Community Member

Re: Access restriction based on SSID

hello

i am trying to do the same thing do u ahve any update.. what about aaa overwrite ,, network identity wiht vlan TAg

168
Views
0
Helpful
3
Replies
CreatePlease to create content