Chapter 8 Security Setup

Setting Up MAC-Based Authentication

Enabling MAC-Based Authentication in Cisco Secure ACS

Cisco Secure Access Control Server for Windows NT/2000 Servers (Cisco Secure ACS) can authenticate MAC addresses sent from the access point. The access point works with ACS to authenticate MAC addresses using Secure Password Authentication Protocol (Secure PAP). You enter a list of approved MAC addresses into the ACS as users, using the client devices’ MAC addresses as both the username and password. The authentication server’s list of allowed MAC addresses can reside on the authentication server or at any network location to which the server has access.

Follow these steps to create a list of allowed MAC addresses in Cisco Secure ACS:

Step 1 On the ACS main menu, click User Setup.

Step 2 When the User text box appears, enter the MAC address you want to add to the list.

Note The access point sends MAC address queries to the server using lower-case characters. If your server allows case-sensitive usernames and passwords, you must enter MAC addresses in the server’s database using lower-case characters.

Step 3 When the User Setup screen appears, enter the MAC address in the Cisco Secure PAP Password and Confirm Password entry fields.

Step 4 Enter the MAC address in the CHAP/MS-CHAP/ARAP Password and Confirm Password entry fields. Step 5 Select the Separate (CHAP/MS-CHAP/ARAP) check box.

Step 6 Click Submit. Repeat these steps for each MAC address you want to add to the list of allowed MAC addresses.

MAC addresses that you enter in the authentication server’s list appear in the access point’s address filter list when the client device is associated to the access point. MAC addresses in the server’s list disappear from the access point’s list when the client devices disassociate or when the access point is reset.

Note Be sure to include your own MAC address in the authentication server’s list to avoid losing your connection to the access point.

Cisco Aironet 1200 Series Access Point Software Configuration Guide

8-26

OL-2159-05

 

 

Page 188
Image 188
Cisco Systems DL-2159-05 manual Enabling MAC-Based Authentication in Cisco Secure ACS