Hello,
I have a general question about AAA Wifi and Cisco
In theory, it is possible for a NAS to honore and send a lot of RADIUS
and VSA attributes, to permit precise per-user authorization tunning
(for exemple per-user ACL, with Filter-Id or VSA...). But in the case
where the NAS is an Access-Point, is it possible to manage authorization
like this too ?
I'm working on a Cisco Aironet 1200, and in the doc they said that it's
possible to use per-user authorization for Administrative users of the
access-point, but they say nothing about normal users (ie: Wifi users),
and the listed supported Radius attributes are not including the ones
needed to do that.
Is there AAA limitations about Wifi ?
Is it impossible to use the RADIUS authorization features in Wireless
domain (maybe the problem is that an AP is more a 2-layer equipement) ?
Maybe some Access-Point can do that and some others can't ?
Thanks in advance
--
Mafioo
I have a general question about AAA Wifi and Cisco
In theory, it is possible for a NAS to honore and send a lot of RADIUS
and VSA attributes, to permit precise per-user authorization tunning
(for exemple per-user ACL, with Filter-Id or VSA...). But in the case
where the NAS is an Access-Point, is it possible to manage authorization
like this too ?
I'm working on a Cisco Aironet 1200, and in the doc they said that it's
possible to use per-user authorization for Administrative users of the
access-point, but they say nothing about normal users (ie: Wifi users),
and the listed supported Radius attributes are not including the ones
needed to do that.
Is there AAA limitations about Wifi ?
Is it impossible to use the RADIUS authorization features in Wireless
domain (maybe the problem is that an AP is more a 2-layer equipement) ?
Maybe some Access-Point can do that and some others can't ?
Thanks in advance
--
Mafioo