02-28-2007 02:06 AM - edited 07-03-2021 01:42 PM
Hello,
I use a WLC and Cisco radius ACS.
I have two SSIDs, one for the IP phones using LEAP and one for the computers using PEAP. To authenticate on both SSIDs, I use the same username and password, only the EAP methods used is different.
My problem is that both EAP methods can be used to access to each SSID (LEAP or PEAP).
Is there any way to restrict the use of a particular EAP method to an SSID ?
Is it possible with the Cisco ACS ? Indeed, EAP methods are globally defined.
Thanks for your help,
Gaetan
02-04-2008 05:05 AM
Hi
We have exactly the same problem with IP phones and clients. We have 3 SSID's and would also like to use the two different EAP methods (LEAP and PEAP) on 1 ACS. How did you configure the ACS to support 2 EAP-Methods for 1 WLC?
Thanks in advance
Dominic
02-08-2008 03:12 AM
You can use NAP with ACS 4.0.
you filter the profile based on called-station-id and this way you can restrict the type of eap.
cheers,
02-08-2008 04:03 AM
Thanks a lot. We just installed ACS 4.1 (we had 3.2) so we couldn't configure NAP before.
02-06-2008 11:17 AM
02-06-2008 12:24 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide