topic Re: WLC4404: authenticating LWAPPs. in Wireless https://community.cisco.com/t5/wireless/wlc4404-authenticating-lwapps/m-p/996710#M20062 <HTML><HEAD></HEAD><BODY><P>I don't see why you can't use IAS, you just have to cross reference the doc that explains how to set it up in Cisco ACS:</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml#a1" target="_blank">http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml#a1</A></P><P></P><P>One way to protect you network against rogue LWAPP's is to make sure your unused ports are shut and configured for a bogus vlan just in case. Have your LAP's on a separate vlan, so that the vlan or subnet is the only subnet that can communicate to the wlc.</P></BODY></HTML> Fri, 18 Jul 2008 11:39:08 GMT Scott Fella 2008-07-18T11:39:08Z WLC4404: authenticating LWAPPs. https://community.cisco.com/t5/wireless/wlc4404-authenticating-lwapps/m-p/996709#M20061 <P>Hi,</P><P>I want so secure my WLAN against rogue LWAPPs. I found the option "Authorize APs against AAA" under "SECURITY -&gt; AAA -&gt; AP Policies". So, it's only possible to authorize them against my IAS RADIUS server?</P><P>How dou you protect your network agaisnt rogue LWAPPs? I didn't finde a best practice my Cisco. TIA.</P><P></P><P>Simon</P><P></P><P>edit: I'm running 5.0.148.0 on a AIR-WLC4404-100-K9.</P> Sat, 03 Jul 2021 23:11:48 GMT https://community.cisco.com/t5/wireless/wlc4404-authenticating-lwapps/m-p/996709#M20061 simonbaumann 2021-07-03T23:11:48Z Re: WLC4404: authenticating LWAPPs. https://community.cisco.com/t5/wireless/wlc4404-authenticating-lwapps/m-p/996710#M20062 <HTML><HEAD></HEAD><BODY><P>I don't see why you can't use IAS, you just have to cross reference the doc that explains how to set it up in Cisco ACS:</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml#a1" target="_blank">http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008084f13b.shtml#a1</A></P><P></P><P>One way to protect you network against rogue LWAPP's is to make sure your unused ports are shut and configured for a bogus vlan just in case. Have your LAP's on a separate vlan, so that the vlan or subnet is the only subnet that can communicate to the wlc.</P></BODY></HTML> Fri, 18 Jul 2008 11:39:08 GMT https://community.cisco.com/t5/wireless/wlc4404-authenticating-lwapps/m-p/996710#M20062 Scott Fella 2008-07-18T11:39:08Z