Wireless ACLs via RADIUS

deanwebb · July 02, 2021, 09:47:28 AM

Environment is Cisco 5508s, want to apply an ACL via a RADIUS command.

Reading over these links:
https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/98590-Per-User-ACL-WLC.html
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/71978-acl-wlc.html

Looks like once it's all set up on the WLC, a RADIUS server needs only to send over a command referencing the Aire-ACL-Name and the WLC applies the ACL. So as long as it's set up on the WLC and the RADIUS server can send the right command, it's job done, right? Or am I missing something?

Otanx · July 02, 2021, 10:22:52 AM

Looks right to me. We do something similar with our wired clients, but we send the entire ACL not just the ACL name. The RADIUS server just needs to be able to set the right A/V pair.

-Otanx

deanwebb · July 02, 2021, 10:45:45 AM

And that we do. Thanks for the sanity check!

Wireless ACLs via RADIUS

deanwebb

Otanx

deanwebb