Ciscosecure ACS / Wireless access

vins95051 · ‎12-19-2002

I have a pool of laptops that need wireless access to my network . This pool of laptops will be shared by system admins and user community accessing the same wireless network.

Is it possible to use the ACS server for authentication such that based on the username/password combination, the user / admin is restricted access to my network?

I want the admins to be able to access my internal network but the users denied access to the internal network and only to the Internet

tepatel · ‎12-20-2002

Cisco's AP will not support that yet..

vins95051 · ‎12-21-2002

I was thinking on the lines of using LEAP with the APs.

The users /admins get authenticated against the ACS database. Based on the user/password, they get assigned a a group from the acs.

mhoda · ‎05-31-2003

Hi,

When you use LEAP, it is possible to assign users to a specific group on ACS, but still what you are trying to do is not possible, because AP is not yet capable of accepting the downloadable ACL.

Thanks,

Mynul

kevin_miller · ‎05-31-2003

Are you implying that APs will eventually accept downloadable ACLs from ACS? That would be great!

8dstaicu · ‎07-01-2003

Hi there,

The solution to this problem: create 2 ssid's mapped to 2 different vlan's. From ACS v3, v3.1, v3.2 you can force the user to be member to a specific vlan despite the ssid user was au-thenticated. Then you can put access-lists on vlan interface.