Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
485
Views
0
Helpful
3
Replies

Restricting Wireless Access using ACS 3.3

broadjumper
Level 1
Level 1

‎02-09-2007 08:18 AM - edited ‎03-10-2019 02:58 PM

We are currently running ACS 3.3 and I am trying to figure out how to restrict Wireless access to specific user groups. Our current setting is using PEAP and ACS as the Radius. Our user database is mapped to Windows 2003 AD. I've got the PEAP working and the radius authentication is also working but I cannot seem to figure out how to restrict the wireless access to specific Windows/ACS groups.

Erik

Labels:
0 Helpful
3 Replies 3

amrkrish
Level 1
Level 1

‎02-09-2007 10:41 PM

In ACS 3.3 we dont have advanced feature like Network Access Profile.

We can do one thing. Isolate all the wireless users to a specific group in Active directory.

Map this AD group to specific ACS group. In this way we can restrict the wireless access to specific Windows/ACS groups.

0 Helpful

darpotter
Level 5
Level 5
In response to amrkrish

‎02-11-2007 03:07 PM

This approach doesnt really scale. If I'd already mapped AD groups like

admins -> acs admins

sales -> acs sales

etc

I cant add a second level of mapping. All I can do is replace the above with

wired users -> acs wired

wireless users -> acs wireless

I wouldnt be able to have multiple wireless authorisations.

0 Helpful

parmsing
Cisco Employee
Cisco Employee

‎02-13-2007 10:28 AM

Hi,

On ACS 3.3.x You can certinly achive this, al you have to do is configure NAR( Network Access Restriction) Here is the link which should provide you further informatio on it.

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_paper09186a00801a8fd0.shtml

-Parm

0 Helpful
Customers Also Viewed These Support Documents