Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Questions about machine authentication

For machine authentication on a wireless network (EAP-TLS or PEAP), 1) do the computers have to be member of a windows domain, 2) can the computer be authenticated to a one SSID/VLAN and denied to others.

Thanks.

2 REPLIES
Community Member

Re: Questions about machine authentication

This sounds like the problem I'm looking into. I've got a single ACS server. I want to run PEAP. I have two WLAN SSIDs. I want some users to be authenticated to one SSID, and denied to the other SSID. Cant see how to make this work without using 2 ACS servers....

At the moment, I think anybody who can authenticate to one SSID can gain access to the other SSID.

Any help appreciated :-)

Community Member

Re: Questions about machine authentication

I think I might have found the solultion via configurable Radius attributes.

1. Radius based SSID access control

2. Radius based VLAN assignment

http://www.cisco.com/warp/public/cc/pd/witc/ao1200ap/prodlit/wvlan_an.pdf

165
Views
0
Helpful
2
Replies
CreatePlease to create content