Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Max login enforement using ACS

Hi All,

Recently I deployed a credentials-based wireless security, based on WPA2/802.1x and PEAP.

I was using 3 WLC 4400 controllers, version 5.1.151.0 and 1 ACS server version 4.1.

Everything is working fine except the fact that each username/password can login multiple times, while this should be just one login per user.

I read about the setting: Security -> AAA -> User Login Policies in the WLC, but I also read that this is a setting which applies to all WLAN's, not just the one I'm adding.

Does anybody know how to limit the number of allowed logins using the ACS user/group policies?

Thx in advance.

4 REPLIES
Hall of Fame Super Gold

Re: Max login enforement using ACS

In the WLC, go to Security -> AAA -> User Login Policies

Under "Max Concurrent Logins for a user name", change the number to your desired settings.

Hope this answers your question.

Community Member

Re: Max login enforement using ACS

Hi Ieolaohoo,

Thx for you'r answer, I understood this is a global settings, which affects all defined WLAN's.

So I prefer using the ACS to enforce an user/group policy or something.

Any idea, about how to config this?

Hall of Fame Super Gold

Re: Max login enforement using ACS

Unfortunately, no. We had the ACS running well when I configured the WLC recently. This is how we "police" the number of allowed logins per user when using the Wireless.

My reason is because sometimes, I have to login to router/switches more than once and I don't what THIS policy to prevent me from doing so.

Does this help?

Community Member

Re: Max login enforement using ACS

Unfortunately not. If you have to login more than once on a router/switch you should create a separate account for that. Each account can get it's one set of policies.

The problem here is that the ACS doesn't enforce these policies.

220
Views
0
Helpful
4
Replies
CreatePlease to create content