Autonomous AP Management

jwatpiii40 · ‎11-07-2012

All,

I am now managing an environment that includes a dozen or so small sites that are running isolated APs that for cost reasons have been left autonomous. Most of the devices that connect to the APs are non-domain managed and the wireless is intended to allow internet communication only. It has been secured via a PSK, but that is continuously shared against corporate policy and the APs are constantly serving about 5 - 10x the number of connections they were intended to service - between unauthorized laptop and smartphone connections.

The managers at each of these sites are comfortable with mac filtering and accept the idea that they should be responsible for administering them. I was hoping there was a means of allowing them access to only the mac-filtering configuration pages and will not allow them to configure any other pages on the AP (mgmt address, usernames, etc). I don't have a tacacs server available to create command sets, so I'm limited to trying to set this up on the AP.

All I can tell is configurable on an individual AP is read and read/write access.

Thanks

Amjad Abdullah · ‎11-10-2012

Hi Joseph,

I would say it is not possible without TACACS+ to achieve access to mac-filtering page only.

All what I can think of is Role Based CLI access:

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gtclivws.html

But this is also not as flexible as you want.

HTH

Amjad

p.s: I don't know if the Role-Based CLI works with autonomous APs.

Rating useful replies is more useful than saying "Thank you"