https://community.cisco.com/t5/wireless/leap-authentication-using-2-usernames-for-80-devices-any/m-p/202831#M20809 <P>Here is the setup:</P><P></P><P>LEAP Authentication for two VLAN's using 4 1100 Aironet AP's. The IOS is the latest, 12.2(11)JA1. 60 of the devices are student workstation laptops at a school. The other 20 devices are teacher laptops.</P><P></P><P>Against my security opinions, the decision was made to configure all the student laptops with one LEAP username and password and put them into one VLAN/SSID. The same idea for all teacher laptops but with a different VLAN/SSID.</P><P></P><P>None of the students or teachers know what the passwords are as the IT folks configured every device manually.</P><P></P><P>ACS 3.2 is configured to allow the single teacher and single student LEAP username to authenticate unlimited times.</P><P></P><P></P><P></P><P>Issue:</P><P></P><P>When more than 2 or 3 student laptops are authenticated with an AP, the other laptops have a difficult time getting on at all and sometimes causes us to reboot the AP which might get the situation resolved temporarily or might not.</P><P></P><P>Needless to say, the teachers are not happy with the situation as it has almost become useless.</P><P></P><P></P><P>Question:</P><P></P><P>Using LEAP before I have never done this type of setup. I have always used single unique username per LEAP client for corporate wireless logins.</P><P></P><P>Are the problems being caused by using this single username configuration?</P><P></P><P>It has been confirmed that using no WEP/LEAP and only SSID authentication configuration allows 20+ laptops to authenticate for long periods of time with no issues.</P><P></P><P>Thanks.</P> Sun, 04 Jul 2021 16:03:22 GMT woodsbc 2021-07-04T16:03:22Z https://community.cisco.com/t5/wireless/leap-authentication-using-2-usernames-for-80-devices-any/m-p/202831#M20809 <P>Here is the setup:</P><P></P><P>LEAP Authentication for two VLAN's using 4 1100 Aironet AP's. The IOS is the latest, 12.2(11)JA1. 60 of the devices are student workstation laptops at a school. The other 20 devices are teacher laptops.</P><P></P><P>Against my security opinions, the decision was made to configure all the student laptops with one LEAP username and password and put them into one VLAN/SSID. The same idea for all teacher laptops but with a different VLAN/SSID.</P><P></P><P>None of the students or teachers know what the passwords are as the IT folks configured every device manually.</P><P></P><P>ACS 3.2 is configured to allow the single teacher and single student LEAP username to authenticate unlimited times.</P><P></P><P></P><P></P><P>Issue:</P><P></P><P>When more than 2 or 3 student laptops are authenticated with an AP, the other laptops have a difficult time getting on at all and sometimes causes us to reboot the AP which might get the situation resolved temporarily or might not.</P><P></P><P>Needless to say, the teachers are not happy with the situation as it has almost become useless.</P><P></P><P></P><P>Question:</P><P></P><P>Using LEAP before I have never done this type of setup. I have always used single unique username per LEAP client for corporate wireless logins.</P><P></P><P>Are the problems being caused by using this single username configuration?</P><P></P><P>It has been confirmed that using no WEP/LEAP and only SSID authentication configuration allows 20+ laptops to authenticate for long periods of time with no issues.</P><P></P><P>Thanks.</P> Sun, 04 Jul 2021 16:03:22 GMT https://community.cisco.com/t5/wireless/leap-authentication-using-2-usernames-for-80-devices-any/m-p/202831#M20809 woodsbc 2021-07-04T16:03:22Z