IAS matching wrong policy

Unanswered Question
Jun 10th, 2009
User Badges:
  • Bronze, 100 points or more

The IAS policy to authenticate users (we have one for VPN and another for wireless), will stop at the first policy that matches the user to the group even though the NAS port type is set to IEEE 802.11. Users were telling me that if they were removed from the group that granted VPN access, then they could hit wireless (but then not be able to get on VPN).


Anyone experienced this?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Scott Fella Sun, 06/21/2009 - 07:14
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

You should also specify the NAS IP Address for each of your policy. This way the policy will match the mangement ip address of the readius client.


This Discussion



Trending Topics - Security & Network