This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Scheduling user access to AP's with NAC

Scheduling user access to AP's with NAC

rhaviland1
New Contributor II

‎08-08-2016 01:13 PM

I have created a rule in which the goal is to block access to the SSID during certain hours on a certain SSID

I created a Time Group

I created a Location Group

I created a Profile in which I want to Reject all traffic on this SSID. At first I had the Reject Authentication Requests. It didn’t work.

This SSID is unauthenticated and wide open, per customer request. Now I’m testing unticking the box for Reject Authentication and changing the Accept Policy to Deny Access.



Is this the right move?
Is there a better option?

0 Kudos
2 REPLIES 2

rhaviland1
New Contributor II

‎08-08-2016 06:43 PM

Well, the NAC has been bought so I need to use it to Deny Access based on a schedule. The SSID is wide open, no authentication at all, per customer request. I'm not really concerned with hiding the SSID because it doesn't really do much for keeping people off the SSID at night.

Thanks for the ideas that will be greatly useful in another situation.
0 Kudos

Ryan_Yacobucci
Extreme Employee

‎08-08-2016 02:48 PM

Hello,

If the SSID has MAC authentication enabled I would suggest using an accept policy for "Deny Access". Check the "Deny Access" role on the EWC to make sure that the role is configured to not allow any access.

Also, in 7.0 there is a script called "Wireless WLAN Scheduler" that can be used to schedule the enabling/disable of the SSID if you want to prevent access by disabling the SSID instead of providing a deny access accept policy through NAC.

Thanks
-Ryan
0 Kudos
GTM-P2G8KFN