06-10-2009 09:04 AM - edited 07-03-2021 05:42 PM
The IAS policy to authenticate users (we have one for VPN and another for wireless), will stop at the first policy that matches the user to the group even though the NAS port type is set to IEEE 802.11. Users were telling me that if they were removed from the group that granted VPN access, then they could hit wireless (but then not be able to get on VPN).
Â
Anyone experienced this?
06-16-2009 12:43 PM
Edit the properties of the Controller Remote Access Policy. Make sure to add the NAS-Port Type - Wireless - IEEE 802.11
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008082d5b5.shtml
06-21-2009 07:14 AM
You should also specify the NAS IP Address for each of your policy. This way the policy will match the mangement ip address of the readius client.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: