Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Authenticate guests via WLC and ACS

Status
Not open for further replies.

dhotep

Programmer
Jul 28, 2008
38
US
I have a WLC that currently authenticates employees against an ACS via 802.1x/AD.

I've added a second WLAN for guest access and have setup the WLC web authentication to pass credentials to the ACS. I've created a local identity store on the ACS for guests.

The problem I am having is the local user is being denied access because it is matching to the Access Service that the employees use.

If I move the Guest rule to the top of the access service selection, it works, but it breaks the employee wireless.

I've looked at all the available fields on the rules and I dont see how I can differentiate between two different WLANs coming from the same device. I tried matching IP range, but when looking at the troubleshooting the IP field is blank, and the MAC field shows the IP of the end point. I'm wondering if this is because the WLC is proxying the authentication requests.


does any one have suggestions on how to differentiate between the WLANs?
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top