Solved: Re: Are there any wireless controler that will accept Downloadab

michael.lussier · ‎06-02-2010

Currently any vpn user apon connection the network has an ACL pushed from ACS to ASA.

I want to do the same for wireless but I dont use the ASA. Will one of the wireless controllers accept Downloadable ACL's like the ASA ?

Michael

Leo Laohoo · ‎06-02-2010

NO. Because the ACL syntax on the WLC are different.

dancampb · ‎06-02-2010

You can create an ACL on the controller and have the Radius server apply that ACL to specifiec users .

michael.lussier · ‎06-02-2010

Dan,

That would be tricky at best. If its per user would mean 10,000 ACL at about 200 lines each. hmmm that won't fit on a 4402 now will it ?

I'm using RSA authentication, If I can do it like I do with the ACS/RSA on a per group basis would drop to about 144 ACLs at about 200 lines.

Correct me if I'm wrong but I can't use the ASA with DACL unless I'm using IpSec.

At this point I'm not limiting myself to the Wireless controllers I thought it would be the simplest solution.

Leo Laohoo · ‎06-02-2010

NO. Because the ACL syntax on the WLC are different.

Are there any wireless controler that will accept Downloadable Access-list ?