I currently have 2 ssid's one is for trusted users, the other is for non trusted but employees. Guest access is completely different.
I have a mixture of lightweight and fat AP's as we are undergoing migration.
I have setup a NAR on the two groups using DNIS *(trusted-ssid).
This seems to allow access for the lightweight AP's howevetr they can still use the untrusted credentials to access the trusted network.
On the fat Ap's it seems to not see the SSID and filters all trusted users out.
Is there a better way of doing this??
Is the syntax for matchign the ssid different on fat AP's?