Restricting Access to Wireless based on Username/password and machine type
I am sure this is an easy one but I have been having a problem figuring it out. I have ACS 5.2, I want to allow users to access a certain vlan on wireless via 802.1x vlan override with username / password authentication. I want to redirect any devices that use the same login but on a device that is not registered in AD to a different vlan. Essentially allowing people with registered computers to access a more secure network than those that do not.
I have been messing around a bit, got machine auth going but it seems with Windows it is user auth or machine auth and you have to wait a few seconds for machine auth to occur, then I could use the option of "If Machine Authenticated" but it is quirky at best. The next option was to use TLS but that does not seem to be surefire either since mobile devices can choose to accept any cert.
What would do the trick is to have ACS look up the MAC address of the machine in AD, if it is there then allow onto the more secure network. It seems simple but it has eluded me so far.
Restricting Access to Wireless based on Username/password and ma
That seems like a very static and manual approach.
That being said, I may have found the solution. I set the Machine Authentication timeout for a few days then set the if Machine authenticated control to true for the various user policies, then a default policy below with if Machine authenticated = false.
If Machine authentication stays valid for a few days that is a good enough option.
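Added example, not part of the original posts and not ACS configuration: a small Python model of the rule order described above, showing what happens to a user login once the cached machine authentication ages out. It assumes the cache is keyed by the client's MAC address and that "a few days" means 72 hours; the class, rule and VLAN names and the MAC addresses are all hypothetical.

```python
from dataclasses import dataclass, field

HOUR = 3600

@dataclass
class MarCache:
    """Model of a machine-authentication cache keyed by client MAC (assumption)."""
    aging_seconds: int
    _seen: dict = field(default_factory=dict)  # MAC -> time of last machine auth

    def record_machine_auth(self, mac: str, now: int) -> None:
        self._seen[mac.lower()] = now

    def was_machine_authenticated(self, mac: str, now: int) -> bool:
        stamp = self._seen.get(mac.lower())
        return stamp is not None and now - stamp <= self.aging_seconds

# Ordered rules, first match wins; the last rule is the default policy.
# Rule and VLAN names are constructed placeholders.
RULES = [
    ("registered-machine",
     lambda c: c["user_ok"] and c["machine_authed"], "VLAN_SECURE"),
    ("default-unregistered",
     lambda c: c["user_ok"], "VLAN_RESTRICTED"),
]

def authorize(cache: MarCache, mac: str, user_ok: bool, now: int):
    """Return (rule name, VLAN) for a user authentication attempt."""
    ctx = {"user_ok": user_ok,
           "machine_authed": cache.was_machine_authenticated(mac, now)}
    for name, condition, vlan in RULES:
        if condition(ctx):
            return name, vlan
    return "deny", None  # bad credentials match no rule

def demo():
    cache = MarCache(aging_seconds=72 * HOUR)  # "a few days", assumed 72 h
    laptop, phone = "00:11:22:33:44:55", "66:77:88:99:aa:bb"  # constructed
    cache.record_machine_auth(laptop, now=0)   # domain laptop booted, machine auth
    return [
        authorize(cache, laptop, True, now=1 * HOUR),   # cached, secure VLAN
        authorize(cache, phone, True, now=1 * HOUR),    # same login, no machine auth
        authorize(cache, laptop, True, now=73 * HOUR),  # cache entry aged out
        authorize(cache, laptop, False, now=1 * HOUR),  # wrong password
    ]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The third case is the one to watch: a registered laptop that has not repeated machine authentication within the aging window lands in the restricted VLAN until it does.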