https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592116#M500884 <HTML><HEAD></HEAD><BODY><P>I believe there might be a bug associating optional data in an authorization rule match</P></BODY></HTML> Mon, 16 Apr 2018 00:22:36 GMT Jason Kunst 2018-04-16T00:22:36Z https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592114#M500880 <HTML><HEAD></HEAD><BODY><P>Hello team</P><P><SPAN style="font-family: Calibri, sans-serif; font-size: 11pt;">We have a hotel customer and they want to install 1815W APs in every room (WLC will be 5520). In addition to this, they want the guests to be able to connect to their own AP in their own room only, using web auth. So the guests in room 101 will connect to AP101, guests in room 102 will connect to AP102 and so on. How can this be accomplished?</SPAN></P><P><SPAN style="font-family: Calibri, sans-serif; font-size: 11pt;">Thanks</SPAN></P></BODY></HTML> Sun, 15 Apr 2018 15:20:03 GMT https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592114#M500880 annen 2018-04-15T15:20:03Z https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592115#M500882 <HTML><HEAD></HEAD><BODY><P>One possibility is to set Called Station ID Type to "AP Name:SSID".</P><P><IMG alt="Screen Shot 2018-04-15 at 3.47.08 PM.png" class="image-1 jive-image" height="205" src="/legacyfs/online/fusion/116540_Screen Shot 2018-04-15 at 3.47.08 PM.png" style="height: 205px; width: 352.55494505494505px;" width="353" /></P><P>Then, set either an existing attribute or a custom attribute to AP Name. For example,</P><P></P><P>If Radius:Called-Station-ID Starts With Guest:OptionalData1 ...</P></BODY></HTML> Sun, 15 Apr 2018 22:57:50 GMT https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592115#M500882 hslai 2018-04-15T22:57:50Z https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592116#M500884 <HTML><HEAD></HEAD><BODY><P>I believe there might be a bug associating optional data in an authorization rule match</P></BODY></HTML> Mon, 16 Apr 2018 00:22:36 GMT https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592116#M500884 Jason Kunst 2018-04-16T00:22:36Z https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592117#M500885 <HTML><HEAD></HEAD><BODY><P>Thanks. But all the APs will be broadcasting the sames SSID. Will it work in that case too?</P><P>Regards</P></BODY></HTML> Mon, 16 Apr 2018 10:23:32 GMT https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592117#M500885 annen 2018-04-16T10:23:32Z https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592118#M500886 <HTML><HEAD></HEAD><BODY><P>That would not be an issue.</P><P></P><P>However, care needs to be taken to tune the wireless radios, shielding, and interferences so that the room would receive considerably weak signals from the APs from other rooms. Please consult the wireless team for such support, if needed.</P></BODY></HTML> Mon, 16 Apr 2018 14:29:53 GMT https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592118#M500886 hslai 2018-04-16T14:29:53Z https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592119#M500887 <HTML><HEAD></HEAD><BODY><P>May be related to</P><TABLE><TBODY><TR><TD>CSCuv42389</TD><TD>New custom fields not showing up under authz policy attributes</TD></TR></TBODY></TABLE><P></P><P>If not working, I recall one SE handled via workaround:&nbsp; "I could still use ‘OptionalData1’ which is visible in the Guest attribute list, by creating a custom Guest field with the same name, which allows me to work around the problem."</P></BODY></HTML> Tue, 17 Apr 2018 04:01:23 GMT https://community.cisco.com/t5/network-access-control/web-auth-ap-based-restriction/m-p/3592119#M500887 Craig Hyps 2018-04-17T04:01:23Z