Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
442
Views
0
Helpful
1
Replies

Is it possible that network access permission control in acs 5.1

xnoops_netone
Level 1
Level 1

‎12-18-2010 09:23 AM - edited ‎07-03-2021 07:34 PM

Hello

We have ACS5.1, WLC 7.0 and using 802.1x to authentication users.

Anybody know how I can configure network access restriction with using internal user group information.

For example, under the same SSID(like that "test") , same VLAN ID.

But two different user group has a different network access permission.

One group has full permission and the other has a limit network access permission.

Is it possible?

Labels:
0 Helpful
1 Reply 1

Nicolas Darchis
Cisco Employee
Cisco Employee

‎12-18-2010 01:55 PM

The equivalent of a NAR would be ACS 5.1 returning an authorization profile after authentication. Just configure your authorization policy to return one profile for one group of user and the other profile for the others.

Now to restrict access to the network, I think you're best with an ACL ? So link ACLs to your profiles.

Nicolas

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card