05-24-2020 10:50 PM - edited 07-05-2021 12:05 PM
I have two SSID : 1. SSID-NPS and 2. SSID-NPS2
both of them is using nps radius server.
I want to make the rule
1. only groups 8021x can connect SSID-NPS
2. only groups 8021xb can connect to SSID-NPS2
i have already using called station ID, but only rule 1 is running well,
when i test SSID-NPS2, the user in group 8021x still can connect to that ssid.
Note : I only using eap-peap method (connect using username and password from active directory)
below is the configuration of NPS server. please correct if i missing the configuration
05-25-2020 12:18 AM - edited 05-25-2020 12:19 AM
I think it is because your two SSID names are not unique. If you use distinguish SSID names ( SSID-NPS-1 & SSID-NPS-2) you should be able to filter using called-station-id
HTH
Rasika
05-25-2020 12:39 AM - edited 05-25-2020 12:40 AM
Terhe should be a condition to match "Called Station ID" with the value of the BSSID like ".*.:SSID-NPS" or ".*.:SSID-NPS2" (without the quotes) for every Machine Group you want to split.
HTH
-Jesus
*** Please Rate Helpful Responses ***
05-25-2020 12:48 AM
Instead of solving this problem I would first think about your environment. Typically it does not make any sense to "waste" two SSIDs if both use the same authentication-methods to the same authentication-server. It's likely that you only need one SSID.
05-25-2020 03:58 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide