Step 1. Integration of ACS in the Domain, and choose the groups that will be using
Step 2: Add the access-point as a network access-device, and define radius shared secret (which, obviously, has to be the same as the one defined in your AP configuraiton).
Note: In this case we have set the AP device type to autonomous_AP, as we will be using this criteria in the service selection (see below).
Step 3: After that, we need to create an authorization profile that will assign VLAN 91:
Step 4: Now, I have to create an access service with my AD as identity source, and with an authorization rules that will apply the profile I created in the previous step for all users belonging to the AD Group Corp2.
Note: To see the AD1:ExternalGroups condition field, you need to click on customize First.
Note2: Make sure that default rule is Permit Access, or any other authorization profile that will allow access.
Step 5: The next and final step for ACS configuration is to direct all Radius request coming from my AP to my Access Service:
We can check that everything is fine using show dot11 assoc all: This is when I log with bastien:
ap#sh dot11 associations all-client
Address : 0011.95ca.e82d Name : NONE
IP Address : 192.168.90.61 Interface : Dot11Radio 0
We've just received a few new AP's, running software 184.108.40.206, however my WLC is on 220.127.116.11. Does anyone know if 18.104.22.168 is compatible with 22.214.171.124? I'm not getting them to register with the WLC.
Hi All,In my WiFi network, I have been facing serious problem whole week. Half of people almost did not have connection with wifi. After whole week I came to conclusion that the problem is with channels. I think DCA was not that smooth and still I had int...
Hi all, we are currently summarizing informations about solutions with cisco DECT handsets. We are using CISCO VOIP system all over the world and in Germany and other countries we are also using DECT handsets from Spectralink (Spectralink 7...
I have two cameras that are connected to one of the switches, the switch is connected to the core switch, the WLC also is connected to the Core switch. I have enabled IP PIM Sparse-mode on the VLAN interfaces that the users connects to, and the manag...
Hello guys,I have some problems with the eap-tls authentication on external locations.I hope you have a little tip for me.The Authentication process starts without problems and than the communication between the supplicant and Authentication Server stops....