07-13-2013 11:38 AM - edited 07-04-2021 12:24 AM
Hi my name is Ivan
I have a wireless network working with 3 profiles of users:
Profile 1: Corp with 802.1x peap maschap v2
Profile 2: Alm with Web Authentication are validating credentials from a ACS 5.3 and AD 2008 R2
Profile 3: Guest with Web Authentication validating credential from the Cisco Lobby Ambassdor.
My customer need limit the amount of sessions to the authentication, for example:
One user of any Profile (Corp, Alm, Guest) just must authenticate to the network wireless using only twice their credentials, from any device
My customer doesn't need authenticate the device (By MAB, or another method).
Is possible to do it in the WLC or perhaps in the ACS 5.3?. Or perhaps in only two Profiles, or only one?.
Please could you give me an advice to do it?
Thanks for your answers.
Ivan
07-13-2013 12:03 PM
Well the issue is that you have multiple sources where the credentials are located. You have an option on the WLC to limit the max login but that is only good for that WLC. If you have multiple WLC's , that wouldn't work so well if they connect to another ap on a different WLC. Bringing authentication to a single source like ISE you would be able to do that, but I think it's on the next release that it will be available.
Sent from Cisco Technical Support iPhone App
07-13-2013 08:07 PM
There is command on WLC "max-login-ignore-identity-response" which limit the number of devices but as Scott said if you are using more than one WLC then it will not work. You have to deploy ISE 1.2 which is going to be release in the last week of this month. With the help of this you can achieve your goal.
07-13-2013 08:22 PM
Hi Scott And Ravi, thanks for your answers
I have one wlc and 3 ssid. Im going to try to do all your advice, to limit the amount of sessions of the authentication.
Regards
Iván
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide