I have two SSID : 1. SSID-NPS and 2. SSID-NPS2
both of them is using nps radius server.
I want to make the rule
1. only groups 8021x can connect SSID-NPS
2. only groups 8021xb can connect to SSID-NPS2
i have already using called station ID, but only rule 1 is running well,
when i test SSID-NPS2, the user in group 8021x still can connect to that ssid.
Note : I only using eap-peap method (connect using username and password from active directory)
below is the configuration of NPS server. please correct if i missing the configuration
I think it is because your two SSID names are not unique. If you use distinguish SSID names ( SSID-NPS-1 & SSID-NPS-2) you should be able to filter using called-station-id
Terhe should be a condition to match "Called Station ID" with the value of the BSSID like ".*.:SSID-NPS" or ".*.:SSID-NPS2" (without the quotes) for every Machine Group you want to split.
*** Please Rate Helpful Responses ***
Instead of solving this problem I would first think about your environment. Typically it does not make any sense to "waste" two SSIDs if both use the same authentication-methods to the same authentication-server. It's likely that you only need one SSID.