cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

213
Views
0
Helpful
2
Replies
Highlighted
Beginner

ISE 1.2 and WLC 7.6.100.0 Flex Config

I've one SSID used for both Head Office users and branch users. The problem is that branch users are using flexconnect. All the branch users are using vlan 10 as pre authC and vlan 20 after authenctication. But H.O. users are using vlan 50 to connect. Now i've make the AuthZ policy to match wlan-id and wireless 802.1x.

The question is that how i'll make the H.O. users to match different AuthZ policy and branch users with other AuthZ policy since i need to return different vlan for them.

 

Thanks and Regards,

Zohaib

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Rising star

If you use AP groups on your controller, you can set different NAS-IDs for each AP Group on the controller, and that attribute will be sent to ISE so you can create two different authz rules for the two ap groups.

View solution in original post

2 REPLIES 2
Highlighted
Rising star

If you use AP groups on your controller, you can set different NAS-IDs for each AP Group on the controller, and that attribute will be sent to ISE so you can create two different authz rules for the two ap groups.

View solution in original post

Highlighted

Hi Jan,

Thanks for the reply. I just want to know if there is any other way to identify the users in the policy since im using only default group and the network in operational. Shifting these AP to a new group will be difficult. Is there a way to put NAS-ID on flexconnect group?

Content for Community-Ad