Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

MAC authentication and LEAP using Cisco ACS

I tried to implement a solution to authenticate both MAC address and LEAP for wireless client using Cisco ACS. However, it seems that as long as LEAP authentication passed, no matter the MAC authentication was configured properly or not, the user could always be associated and connect to the network. Is there a way to enforce both MAC and LEAP using ACS, so that either authentication fails, the client could not connect to the network.

Thanks,

Daniel

3 REPLIES
New Member

Re: MAC authentication and LEAP using Cisco ACS

Daniel,

The MAC authentication is done first, and then the LEAP authentication. You can select if MAC authen is enought or not.

Please have a look at : http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo1200/accsspts/ap120scg/bkscgch4.htm#xtocid20

If this configuration is not working, you might need to open a TAC CASE.

Regards,

Vincent

New Member

Re: MAC authentication and LEAP using Cisco ACS

I have been able to get this to work ...

Ensure that the ACS has the MAC defined as a user.

Ensure that the AP has "default unicast address filter" set to off and that the AP will check ACS for MACs

Configure LEAP as normal ... as the other replier indicated MAC is done first then LEAP

Good Luck ...

New Member

Re: MAC authentication and LEAP using Cisco ACS

I got that setup to work by following the instructions on this link:

http://www.cisco.com/warp/public/cc/pd/witc/ao1200ap/prodlit/wrsec_an.htm

The above link is a briliant cook book for wireless security.

I guess your problem could be that the default MAC-filter is "allowed"

go to

setup -> AP radio -> advanced

on your AP and look for "default unicast address filter". Set these to "disallowed"

Best regards,

Mikkel

608
Views
8
Helpful
3
Replies
CreatePlease login to create content