Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
532
Views
0
Helpful
2
Replies

Guest vlan

a.kumaresan
Level 1
Level 1

‎11-09-2006 05:32 AM - edited ‎03-10-2019 02:50 PM

I am integrating ACS with windows ADS for dot1x authentication. I m sucesfully able to get the requirement. But I have only one ACS. If my acs fails all my users will not be able to login into the network. Is there a way I can make the user get only internet access when acs is down? If yes how can i achieve this.

Labels:
0 Helpful
2 Replies 2

darpotter
Level 5
Level 5

‎11-09-2006 06:39 AM

This depends entirely on the authenticating devices and what backup facility they offer in case the AAA server goes down.

I suspect the only "catch all" solution would be a failover AAA server. You could perhaps enable IAS on your AD server and configure it for guest access. If ACS ever goes down IAS would take over.

Actually thats kind of neat as it gets around the failover ACS suffering a similar problem to the primary. IAS is essentially free as part of Windows server.

Darran

0 Helpful

a.kumaresan
Level 1
Level 1
In response to darpotter

‎11-12-2006 12:25 AM

Darran,

When the ACS goes down all the user gets guest vlan which i haveconfigured. But they dont get any ip address as well they limited access. Is it a way where i can make them part of a vlan from where they can only access internet.

0 Helpful
Customers Also Viewed These Support Documents