03-09-2022 01:44 PM
I have two SSID with web authentication, ¿Can I restrict the access of 6 users to an especific SSID?
03-09-2022 02:43 PM
If I am right try this way
under wlan in WLC, L2 security Mac filter,
add MAC address of user in local Mac tables of WLC .
03-09-2022 02:45 PM
03-09-2022 09:32 PM
Hi, thanks for your replay.
I solved the problem. Let me explain a little bit more about my scenario in a WLC 9800, it´s a little different with legacy WLC, hope you can understand me, English is not my native language.
I have 2 SSIDs for guest users using web authentication, SSID 1 normal behavior is to have access for internet but the users can't reach my internal network, and the SSID 2 normal behavior is to reach my internal network and also everything in Internet.
What I was looking is to create guest users for SSID 1 only and the same for SSID 2.
The problem was that all users have the connection with both SSID.
The problem was solved with this steps in GUI,
1. Creat an attributte list with the association of the SSID (Security==>AAA==>AAA advanced==> Attribute_list)
2. Associate the guest user with the attribute list
3. Associate the user with a wlan-profile-name, because if you do not do this, the guest user authentication is allowed on any WLAN.
4. In the Policy created for the SSID you need to check AAA override.
Example CLI configuration
conf t
user-name XXXXX1
password 0 XXXXX
aaa attribute list XXXXX <== Name_of_attribute_list_created
exit
conf t
username XXXXX1 wlan-profile-name XXXXX <== SSID_name
I just followed this link,
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide