I would like to ask some question on WLAN technology, which I using WiSM version 2. And i get requirement that user must be restrict with SSID, so, i found that it can do it on ACS version 4.x via NAR for SSID-based authentication feature. Then, is it possible to do restriction on ACS Version 5.x?
View 4 Replies
I have 4 autonomous AP 1142 with 2 ssids : SSID10,vlan10 & SSID20,vlan 20.I use ACS 4.2 in order to authenticate users (EAP-FAST). How can i restrict access base on ssid or on vlan?I want users that connect to SSID 10 to not have access to SSID 20 and the opposite.
View 7 Replies View RelatedWe are using ASA 5510 Version 7.2(4) at our organisation. The requirement is we need to give an access to a user with limited access so that he can run only specific commands on configuration mode. We don't have Cisco TACACS server instead of that we are using a microsoft radius server.
View 6 Replies View RelatedWhile I was at school there was a system in place where by you had to enter a user name and password to access the internet. Every student had a data limit like 3GB per month for example. I remember it had something to do with a proxy. I would like to recreate this system on my office LAN as some staff members have been downloading a lot slowing down the (very expensive) Internet connection. Limiting each users data will discourage large downloads.
View 1 Replies View RelatedWe have configured ACS 5.1 for autenticating wireless users with active directory, which is working fine now.But we would like implement that single user should be authenticated through ACS . If any user try to access WLAN from multi system will be notified with multi login access restriction.Can we implement this policy in acs, if possible what are the exact configuration changes we have to implement.
View 1 Replies View RelatedI am trying to create a user restriction to allow one user to access only two networks (10.192.3.0 and 10.192.5.0) I have range of networks but I want to permit only two networks for limited user and full access for the admins. I know this was possible with ACS 3.3 but I am not too sure if this is also applicable with ACS 5.2.
View 1 Replies View RelatedI have created new ssid and i want to associate only one IP address with this SSID, so that only this user will be allowed to connect to AP. I have controller 5500 series.
View 6 Replies View RelatedI have manually configured the E2000 and set the admin password. When I was trying to log back in, I could not. I reset and reconfigured and set the password again. I still could not log in using "admin" and the password I set up. I thought I was losing my mind. Just on a hunch, I used the SSID name instead of "admin", then entered the password that worked. I am able to login, but I need the username to be admin, not the SSID. Has anyine else had this issue? Any way to change the administrator name back to admin??
View 5 Replies View RelatedWe have been deploying 3502 APs remotely to locations with full T1s that backhaul to where I sit at HQ. Both the foreign and anchor controller are here at my location.
I am seeking to rate limit per user the bandwidth each client will get on the guest internet ssid. As you know this traffic is encapsulated in capwap between the AP and the controller so I cant use a standard ACL on the switch or router.
We are trying to keep the guest internet access usage in check on the T1 at any given site so the other ssid's & local lan traffic is not overly competing for the bandwidth.
I found the place to edit the default profiles in the controller but the documentation really isnt clear on best practices.
So I put it to you my fellow wireless engineers to suggest how you are implementing bandwidth management on your wireless guest internet.
Oh and here is my hardware & software levels.
5508wlc - forgeign
4402wlc - anchor
Software Version7.0.230.0
We have ACS Engine 4.1 and want to upgrade it to 5.x.
Is the new version of ACS 5.2 allows a user to belong to several groups of AD ?
McAffee scan of acs 1113 appliance running the 4.2 build 124 patch 12 version reports that a medium vulnerability exists because the system has SSH version 1. Any way to specify only version 2 or turn off SSH?
View 9 Replies View RelatedWe have 4 SSID's established for our staff, students, Guests and Providers. CISCO / ARUBA Managed APs with a centralized CISCO Controller. Can I restrict access by the first letter in the username so that usernames that begin with x will ONLY connect to the Staff SSID if in range and usernames starting with y ONLY connect to the student SSID?
View 1 Replies View Relatedwhich version of prime infrastructure supports wlc5508 version 7.4
View 2 Replies View RelatedMy Wireless-N Home Router WRT120N with version 1.0.07 seems to have a problem blocking Sites through scheduling with Access Restriction "Allow" ...I notice that... when I enable access restriction, with policy and some range of computers connecting to my router , and set it to "allow" from "monday - friday" from "8am-6pm" .. with a purpose of blocking some social networking sites, example facebook, It works perfectly fine. But when the "scheduled" time comes ( before 8am and after 6pm ).. I cannot access the internet.. router is working, it detects my modem.. but no internet connection. It always happen before and after the "scheduled time" before the configured access restriction takes over. I have to disable the Access Restriction to continue our internet access.
View 4 Replies View Relatedtarget 192.168.0.21following are rules of access restriction on WRT54G1.rule A- 07:00am~10:00am,internet access allowed, keyword blocked such as Facebook,mail.2.rule B- 10:05am~10:00am,internet access allowed, no keyword blocked.but 192.168.0.21 fails to access internet after rule A expired.
View 1 Replies View Relatedwe upgraded our router from WRT54G V5.0 to WRT110. before we dont have any issues using the ACCESS RESTRICTION from WRT54G but now on WRT110 we encounter a GLOBAL BUG. we are blocking the website like Youtube, Friendster, Facebook etc. on the EDIT LIST TAB we specify 4 IP Address that will not going to access the said websites. The problem is...all Computers (about 15 PC) that are using the Internet cannot access the said website also but we did not enter the other IP's.
View 9 Replies View RelatedI tested this with my laptop by setting its access restriction/parental control to always not access the internet. But still my laptop can still search through Wikipedia. Is this because of the router firmware? By the way I'm using the latest Connect cloud firmware.
View 7 Replies View RelatedI have a WRT110 and in the access restriction settings section the time is in military. I try to set the restriction from 11:30 pm to 6:00 am. I cannot because it tells me the second time "6:00 am" has to be larger than the first. I don't understand a way around this.
View 2 Replies View RelatedAll the documentation for this router shows the Access Restriction tab in the router configuration menu. It's the same as other linksys routers. The current version of the firmware doesn't have this functionality. Was it removed?
View 5 Replies View RelatedIs it configurable to allow wifi user to user traffic on WLC 5508?
View 4 Replies View RelatedIs it possible to assign a single ssid to multiple interface groups by assigning the ssid to multiple AP groups?
I have buildings geographically dispersed that are configured with multiple vlans in interface groups so that I can maintain an addressing scheme of dhcp assigned addresses per building. Each building is also further grouped as AP groups. I'd like to know if by assigning the same wlan ssid to each of the AP groups, will I maintain addressing integrity for each building? I'm thinking it will work.
Do the buildings have to be outside AP range of each other to avoid problems?
5508 controller
7.2.110.0 code
6 buildings
6 interface groups
1 ssid
I have set up access restriction times for my son (we have wireless access for all systems). I use the MAC address on his systems. Xbox, Kindle Fire and his Laptop. The MAC address are Correct. Here is the problem:
I set the "allow" and times from 6pm - 11:00 pm (while on xmas vacation) - the system works for a while he is shut off as i would like but....
After a period of time the entire house goes off line. I have to reboot the power on e2000 router and then disable the access restrictions. System then works. Problem is repeatable. What is the deal. I have updated firmware already. Otherwise the system works great. Never dies. Just when i set access restricions for a SPECIFIC time it kills entiore houese. BTW i can deny him outright 24/7 and the system idsables his access fine. Its just when i set specific times
There are 10, 50 and unlimited users profiles for the ASA 5505, reason for that restriction? Does that mean for example that only 10 users can go through a 10-user 5505?
View 6 Replies View RelatedI am running the SGE2000 as my l3 core switch with multiple inter-vlans.
have a customer requirement that needs to restrict eg. GUEST-VLAN10 to all other VLANS in the network. Only allowing access to the internet.
It seems on the switch i am able to bind ACL to per port interface. if this is possible on the SGE2000
Router 2811 got 3 Interfaces. One Interface connected to INTERNETProvider, Second Interface connected to Sales_Dept, Third Interface connected to Business_Dept. Internet Bandwidth in Total is 8MB. I need assistance to allocate 6MB total bandwidth to Sales_Dept and 2MB total to Business_Dept Sales_dept has 48port switch 2960, Business_Dept 24 port switch 2960. Gateway for users is the 2811 Router and both are on different subnets
View 3 Replies View RelatedCan we use ACS 4.1 version recovery disc on 4.2 verison to recover the forgotten password.
View 1 Replies View RelatedI am using a network switch to share my broadband between four PCs.Among these PCs, one is for students. Is it possible that I can do the following 2 things from modem whose page can be accessed through 192.168.1.1;
1. Restrict some website like Facebook, Youtube etc
2. Limit download speed of that PC to 100KB/s
I am a restaurant owner and have a wireless network set-up via DLink DSL 2730U router. Now some times I get customers who demand to use the network and they use it for free which I find irritating. I have found one solution of 'Guests/Virtual Point' but I need to limit the time (say 15 minutes) for which they can use the network.
View 1 Replies View RelatedI've my ACS linked with AD to give administration access to few network devices and I've created an access policy to link my AD groups with those network devices and command sets.
Unfortunately I found I can use any user from my AD to login to my devices. Only LOGIN, the authorization definition is restricting the command set for those users.
How can I restrict the LOGIN to an specific AD group?
provide me with the important links which can show me how to do the software upgrade for my ASA 5520 ver 7.0(1) to ver 8.4 ? as well as the ASDM
View 10 Replies View RelatedI get that to avoid fragmenting the packets we need to reduce the MTU to 1492, fine, but should the MTU restriction be applied at the virtual-template (server)/dialer (client) or on the physical ethernet interfaces?If I apply it to one or the other, which takes precedence? Should I just apply it to both the virtual/dialer interfaces and the ethernet interfaces?
View 6 Replies View Relatedi have asa 5520 configured as VPN Gateway to terminate remote access vpn , i have question , how can i restrict the access to only 1 range of public source IPs to access my corporate via RA ,is this possible?if so how to configure it?
View 1 Replies View Relatedmy client insisting to set a dscp value of 56 (= CS7 , the highest priority) for their video packet without any bandwith restriction in the input of fast ethernet port and PPP Multilink serial output port of the 7513 router. What will be the outcome at time of video streaming and video conference ? As this dscp value CS7 is the highest priority and reserved for network only.we are using ospf routing (some of the network is connected through this multilink port via ospf routing), also this ethernet is connected to various statice routed ip network via cisco asa and cisco 4507. The keep alive ospf neighbor router will be lost or not?
View 2 Replies View Related
