03-03-2012 08:23 PM - edited 07-03-2021 09:43 PM
Hi,
i need that wlc lets only one session login for user, it means if someone use auth data, user: john, password: cisco123 and another person knows this same information, the wlc doesn´t let that he or she is connect to network because it there is already a "right" user logged in. This works fine if i configure one SSID with web authentication, but i haven´t made it when i configure SSID with wpa2 (enterprise) + 802.1x (RADIUS). Can i reach this?
Thanks.
03-03-2012 09:22 PM
On the wlc security tab there is a login policy for concurrent login. You can set that to 1.
Thanks,
Scott Fella
Sent from my iPhone
03-04-2012 06:57 AM
Hi Scott,
thanks for your response.
how i have said it, "max concurrent logins" set to "1" works fine in SSID with web auth but this doesn´t work it other user are connected through SSID with WPA2 + 802.1X (RADIUS + Active directory).
I think that with web auth ( wlc local net users), wlc has a control to users who have got access, but when auth is done through AD the wlc doesn´t and of course in this SSID configuration i couldn´t make my objective to limit user logins. Am i right?
03-04-2012 09:15 AM
Well if that doesn't work, the only way is on the radius server you are using. I know that Cisco ACS has a concurrent login you can set. I don't think IAS or NPS does.
03-06-2012 02:06 PM
Scott,
thanks for your help. I think the same. I asked to administrator that he reviews ACS configuration.
03-06-2012 02:13 PM
The only thing is... If the wrong person logins first, the person who actually needs to login will not gain access.
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide