Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
614
Views
0
Helpful
1
Replies

Local Authentication Only for Guest WLAN - Block RADIUS

wbcrbud
Level 1
Level 1

‎05-17-2007 08:01 PM - edited ‎07-03-2021 02:05 PM

Hi. I have two wlan's, one secure for employees, one open for guests.

The secure wlan is using radius to authenticate domain users. And the guest wlan is set to use web-auth.

I would like to limit access to the guest wlan to Only local accounts created on the controller. However, it falls back to the radius server when a local account doesn't exist.

Is there any way to block the radius fallback only for the guest wlan? Should I be looking to prevent this on the radius server, or can it be done on the WLC?

This is a 4404 WLC v4.1, and about 50 1130 AP's.

Thanks for any advice.

http://www.cisco.com/en/US/products/ps6366/prod_technical_reference09186a0080706f5f.html

Labels:
0 Helpful
1 Reply 1

wbcrbud
Level 1
Level 1

‎05-18-2007 09:57 AM

Well, I normally don't reply to myself, but I found a way to implement this.

By creating a bogus RADIUS server and setting it as the AAA server for the guest wlan only the local accounts are able to authenticate on the guest wireless network.

This is more of a RADIUS DOS, but it's working for me.

Cheers!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card