01-14-2021 11:58 PM
Hi Guys,
I am stuck need help on a solution:-
the scenario is as below:-
1. Site 1:- Cisco WLC and Clear Pass --> SSID-Users --> PEAP authentication User
2. Site 2:- Cisco WLC and ISE --> SSID-Users --> EAP Authentication (EAP-FAST) user+machine
Now if i create 2xSSID profiles in the Cisco NAM will it work and detect which one to connect or i have to do it manually to select which profile i have to connect so the user can connect to the profile and login to the network
Thanks
01-15-2021 08:42 AM
So there is a setting in the NAM profile editor that will force NAM to connect to the network if in proximity. The definition to enable this is below:
Corporate Network—Forces a connection to a network configured as Corporate first, if one is in proximity. When a corporate network uses a non-broadcasting (hidden) SSID, and is configured as hidden, the Network Access Manager actively probes for hidden SSIDs and establishes the connection when a corporate SSID is in range.
AFAIK from my experiences if you do not use that setting then NAM will try to use whichever profile is listed first and eventually failover to the next profile. Note that my experiences were in an environment where 2 SSIDs were broadcasted and one was used with mab and the other with eap-tls. I would recommend testing the corporate network setting in your unique environment. HTH!
01-26-2021 09:39 AM
I assume that your SSID's are using the same name but the authentication policy changes.
While NAM profile editor doesn't prevent you from creating 2 profiles using the same SSID that doesn't mean that the user experience will be good. I believe that NAM will get confused on which profile it should use and you might get different feedback from different users.
My recommendation is to change the SSID in one installation and create the appropriate policies on NAM, tick the corporate for each profile. My recommendation should work as long as the two SSID are broadcasted in different physical locations so when a client can reach one SSID the other SSID will not be reachable. Follow @Mike.Cifelli recommendation for building the profiles.
I hope I got your point correctly.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide