Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
387
Views
5
Helpful
2
Replies

ACS only allow 7921G phones on a certain SSID - block others

netwrkgod
Level 1
Level 1

‎02-29-2008 12:35 PM - edited ‎07-03-2021 03:28 PM

Hello, we have just deployed an SSID of hVoIP and applied CAC and QoS. It works well. We have a "data" SSID of DATA.

Is there a way to only allow the Cisco wireless phones to authnticate to this SSID and block, say laptops or other WiFi phones, from authenticating. We don't want people to connect their laptops to this network to get their data prioritized and ruin the network for the calls.

We have LWAPP AP's, WiSM's, and ACS 4.1.

Thanks!

Labels:
0 Helpful
2 Replies 2

Richard Atkin
Level 4
Level 4

‎03-02-2008 09:32 AM

Couple of ways you can do this...

First, just have one SSID, and assign users to VLANs and give them ACL / QoS / CoS settings dynamically. This can be done in ACS using the airespace attributes, and enabling "Allow AAA Override" on the WLAN in the WLC.

Second, in your ACS Groups, you can specify which SSIDs a user is allowed to come from, this is done (from memory) using the NDIS settings. With this method, you go to the groups that your data users come from, and specify that they can only connect from the "data" ssid, and same again for the phones.

HTH, plenty of docs on CCO about this...

http://www.google.co.uk/search?hl=en&q=airespace+dynamic+wlan+site%3Acisco.com&meta=

Regards,

Richard

netwrkgod
Level 1
Level 1
In response to Richard Atkin

‎03-03-2008 05:02 AM

What if the user uses the same username/password for logging into their laptop as they do for the phone?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card