Restrict access to SSID using ACS NAR

Unanswered Question
Oct 13th, 2008


I currently have 2 ssid's one is for trusted users, the other is for non trusted but employees. Guest access is completely different.

I have a mixture of lightweight and fat AP's as we are undergoing migration.

I have setup a NAR on the two groups using DNIS *(trusted-ssid).

This seems to allow access for the lightweight AP's howevetr they can still use the untrusted credentials to access the trusted network.

On the fat Ap's it seems to not see the SSID and filters all trusted users out.

Is there a better way of doing this??

Is the syntax for matchign the ssid different on fat AP's?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
scott-goodwin Mon, 10/13/2008 - 01:53

Just a bit more background, I am backing off auth to AD and using group match. Just need a way to tie the groups to one SSID and not allow them to use both.



scott-goodwin Mon, 10/13/2008 - 05:02

Ok, now got the LwAP AP's to work, however the FAt AP's dont seem to match the DNIS *SSID syntax, is there an alternative for fat AP's??




This Discussion



Trending Topics - Security & Network