I need help with configuring my WLANS with 802.1x security....
Is it possible to have one WLAN authenticate to a certain group in Active Directory?
For Example:
WLC IP Address: 1.1.1.20
ACS IP Address: 1.1.1.10
----------------------------
SSIDS:
1. Corporate
2. Guests
----------------------------
Active Directory Groups:
1. Corporate Wireless Users
2. Guest Wireless Users
-----------------------------
Windows Database Group Mappings in ACS:
Group 1 - Corporate Wireless Users
Group 2 - Guests
------------------------------
My issue is this: Users in AD group "Corporate Wireless Users" can authenticate and connect to the "Guests" SSID.
Is there anyway to prevent that?
Basically this is what I need...I need users in AD group "Corporate Wireless Users" to be able to connect and authenticate to the "Corporate" SSID and no others. I also need users in AD group "Guest Wireless Users" to authenticate and connect to the "Guests" SSID and no others.
Is this possible?
Thank you in advance,
Scott