Manualshelf

user manual

ManualsBrandsCisco Systems ManualsNetwork RouterNetwork Router DL-2159-05
181182183184185186187188189190
8-26
Cisco Aironet 1200 Series Access Point Software Configuration Guide
OL-2159-05
Chapter 8 Security Setup
Setting Up MAC-Based Authentication
Enabling MAC-Based Authentication in Cisco Secure ACS
Cisco Secure Access Control Server for Windows NT/2000 Servers (Cisco Secure ACS) can authenticate
MAC addresses sent from the access point. The access point works with ACS to authenticate MAC
addresses using Secure Password Authentication Protocol (Secure PAP). You enter a list of approved
MAC addresses into the ACS as users, using the client devices’ MAC addresses as both the username
and password. The authentication servers list of allowed MAC addresses can reside on the
authentication server or at any network location to which the server has access.
Follow these steps to create a list of allowed MAC addresses in Cisco Secure ACS:
Step 1 On the ACS main menu, click User Setup.
Step 2 When the User text box appears, enter the MAC address you want to add to the list.
Note The access point sends MAC address queries to the server using lower-case characters. If your
server allows case-sensitive usernames and passwords, you must enter MAC addresses in the
server’s database using lower-case characters.
Step 3 When the User Setup screen appears, enter the MAC address in the Cisco Secure PAP Password and
Confirm Password entry fields.
Step 4 Enter the MAC address in the CHAP/MS-CHAP/ARAP Password and Confirm Password entry fields.
Step 5 Select the Separate (CHAP/MS-CHAP/ARAP) check box.
Step 6 Click Submit. Repeat these steps for each MAC address you want to add to the list of allowed MAC
addresses.
MAC addresses that you enter in the authentication server’s list appear in the access point’s address filter
list when the client device is associated to the access point. MAC addresses in the server’s list disappear
from the access point’s list when the client devices disassociate or when the access point is reset.
Note Be sure to include your own MAC address in the authentication server’s list to avoid losing your
connection to the access point.