Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
894
Views
0
Helpful
3
Replies

Authorize APs against AAA

SHANNON WYATT
Level 1
Level 1

‎08-09-2007 03:14 AM - edited ‎07-03-2021 02:27 PM

Enabling the "Authorize APs against AAA" option in the Wireless LAN Controllers requires you to add the MAC addresses to the ACS server so that the controllers can check the MAC address against RADIUS. If this option is enabled and the MAC addresses are added to the ACS, could a user potentially use the MAC address of an Access Point to gain access to the wireless network?

Labels:
0 Helpful
3 Replies 3

Jagdeep Gambhir
Level 10
Level 10

‎08-09-2007 12:28 PM

no, it will allow only if the mac is in acs database as a user. If AP mac is not listed it can't be used to login.

Regards,

~JG

Please rate if helps

0 Helpful

SHANNON WYATT
Level 1
Level 1
In response to Jagdeep Gambhir

‎08-10-2007 06:09 AM

I think that maybe I'm not being clear. If I have a single ACS server with normal users as well as mac addresses entered as users, couldn't you use one of the mac addresses to authenticate with using PEAP? I assume there is some method to prevent this from occuring.

0 Helpful

Jagdeep Gambhir
Level 10
Level 10
In response to SHANNON WYATT

‎08-11-2007 12:43 PM

You can use a feature called NAP (Network access profile) in ACS.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.1/user/NAPs.html

Regards,

~JG

Please rate helpful posts

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card