Is there away to configure ACS 4.2 to only allow certain EAP-type of authentication per SSID? For example: SSIDA - only allows EAP-TLS and SSIDB - only allows EAP-PEAP on the same ACS server?Any help is greatly appreciated.Sent from Cisco Technical...
I’m having an issue where I check the “Validate server certificate” within WZC and I don’t select any “Trusted Root Certification Authorities” and the PEAP authentication against ACS is successful. Shouldn’t the authentication fail because I’m telli...
Is it good practice anymore to enable "Aironet IE" on the WLAN? I'm wondering if the additional information that that is beaconed out (AP hostname, etc) is worth it.
I currently have RRM set to "On Demand" for channel assignments. I'm curious if anyone knows how a newly installed AP selects it's channel assignment after joining the WLC with RRM set to "On Demand" (without manually invoking a channel update). Do...
Is there any difference between WPA/AES and WPA2/AES. I realize that WPA was pre-standard but I'm wondering if there are any "technical" differences.Any help is greatly appreciated.
If you are using PEAP authentication through ACS you can enter the MAC address under the "Per User Defined Network Access Restrictions" under the user setup page in ACS. Check "Define CLI/DNIS-based access restrictions" and permit port=*, CLI = "MAC...
That's interesting...we are having the same issue. We are also running 4.2.112 on multiple WiSMs. We have no indication from the WLC or WCS that there is a problem with the APs. Did you see something in the release notes that maybe related to the ...
With AD and ACS you can use group mappings to map the AD user into a group within ACS dynamically. Then you can set the DNIS restrictions on the group within ACS. Hope this helps.Rob