03-05-2006 01:13 AM - edited 07-04-2021 11:44 AM
For machine authentication on a wireless network (EAP-TLS or PEAP), 1) do the computers have to be member of a windows domain, 2) can the computer be authenticated to a one SSID/VLAN and denied to others.
Thanks.
03-06-2006 03:27 AM
This sounds like the problem I'm looking into. I've got a single ACS server. I want to run PEAP. I have two WLAN SSIDs. I want some users to be authenticated to one SSID, and denied to the other SSID. Cant see how to make this work without using 2 ACS servers....
At the moment, I think anybody who can authenticate to one SSID can gain access to the other SSID.
Any help appreciated :-)
03-06-2006 05:18 AM
I think I might have found the solultion via configurable Radius attributes.
1. Radius based SSID access control
2. Radius based VLAN assignment
http://www.cisco.com/warp/public/cc/pd/witc/ao1200ap/prodlit/wvlan_an.pdf
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: