Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

LEAP Authentication using 2 usernames for 80 devices - Any problems?

Here is the setup:

LEAP Authentication for two VLAN's using 4 1100 Aironet AP's. The IOS is the latest, 12.2(11)JA1. 60 of the devices are student workstation laptops at a school. The other 20 devices are teacher laptops.

Against my security opinions, the decision was made to configure all the student laptops with one LEAP username and password and put them into one VLAN/SSID. The same idea for all teacher laptops but with a different VLAN/SSID.

None of the students or teachers know what the passwords are as the IT folks configured every device manually.

ACS 3.2 is configured to allow the single teacher and single student LEAP username to authenticate unlimited times.

Issue:

When more than 2 or 3 student laptops are authenticated with an AP, the other laptops have a difficult time getting on at all and sometimes causes us to reboot the AP which might get the situation resolved temporarily or might not.

Needless to say, the teachers are not happy with the situation as it has almost become useless.

Question:

Using LEAP before I have never done this type of setup. I have always used single unique username per LEAP client for corporate wireless logins.

Are the problems being caused by using this single username configuration?

It has been confirmed that using no WEP/LEAP and only SSID authentication configuration allows 20+ laptops to authenticate for long periods of time with no issues.

Thanks.

137
Views
0
Helpful
0
Replies
CreatePlease to create content