Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
312
Views
0
Helpful
0
Comments

ACS 4.2 user mapping wired and wireless

conradduval1
Level 1
Level 1

‎02-23-2010 11:38 AM - edited ‎02-21-2020 09:57 PM

Hello,

i have a question...

User1 logs on the switch, he belongs to AD group Domain_user and get mapped on ACS Group1 wich send the radius attribut to change VLAN

My problem is when the same user connect with his wifi card... he is still part of the domain_user and get still mapped to group1 on acs but now, the radius values are wrong for the wireless.

Wired production vlan =20

Wireless prod vlan = 120

What i want to do is something like:

ADGroupX+Connect_type = ACS group1

ADGroupX+Connect_type2 = ACS group2

I tried using connection profile but the group mapping are not made a this level. Same goes for NAR, my user should be able to log on wired or wireless user and get the proper vlan.

one other avenue would be to setup a wireless user/password on the internal database and add it to the proper ACS group but that involve password management and not all 802 client support password auth ( without user intervention )

Any idea?

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents