Hi,
I am looking for a solution to deal with the wireless NAC users being authenticating (Web Login Only) from a particular AD group. The mapped users gets into a particular role and access VLAN but un-mapped users get the default role which is "Un-Authentication Role" but also gets the same Access VLAN. So, the un-wanted users gets also the same access which is undesired.
I tried with one solution which is, i put those users into a role named as "Deny_Role" and Enable a Timer of 1 minute (least Time) on it, which seems working but i can see that user is disconnecting (session timeout) after 3 or 5 minutes. I want to limit this but again, i do not find this as an appropriate solution.
We could deal with wired users easily, bounce the port and get them again in "Unauthenticated Role" and VLAN will be "Un-Auth VLAN" with no network access or rediect them into a particular role with a specific VLAN. But, this is not valid in case of "Wireless Users".
So, I am looking for a solution to deal with the wireless users in this situation...
Please advise or give an idea.
BR,
Mubasher Sultan