LEAP Authentication using 2 usernames for 80 devices - Any problems?
Here is the setup:
LEAP Authentication for two VLAN's using 4 1100 Aironet AP's. The IOS is the latest, 12.2(11)JA1. 60 of the devices are student workstation laptops at a school. The other 20 devices are teacher laptops.
Against my security opinions, the decision was made to configure all the student laptops with one LEAP username and password and put them into one VLAN/SSID. The same idea for all teacher laptops but with a different VLAN/SSID.
None of the students or teachers know what the passwords are as the IT folks configured every device manually.
ACS 3.2 is configured to allow the single teacher and single student LEAP username to authenticate unlimited times.
When more than 2 or 3 student laptops are authenticated with an AP, the other laptops have a difficult time getting on at all and sometimes causes us to reboot the AP which might get the situation resolved temporarily or might not.
Needless to say, the teachers are not happy with the situation as it has almost become useless.
Using LEAP before I have never done this type of setup. I have always used single unique username per LEAP client for corporate wireless logins.
Are the problems being caused by using this single username configuration?
It has been confirmed that using no WEP/LEAP and only SSID authentication configuration allows 20+ laptops to authenticate for long periods of time with no issues.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...