WLAN authentication with IAS and BSSID

Answered Question
Mar 16th, 2010

I have an BSSID enabled AP and all Vlan clients should be authenticated on one IAS Server. On the Server the Vlans should be mapped to different Remote-Access Policies. I was not able to find any command for the "aaa group server" configuration, that adds an attribute wich allows the server to select the correct Remote-Access Policy.

Does anyone know an answer (without using different source addresses for aaa request)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Scott Fella Tue, 03/16/2010 - 14:38

Not really understanding what you said.  You want to authenticate certain users to a different policy?  Usually with radius, once you hit a policy, you either pass or fail.  You specify a certain NAS  IP ADDRESS... this you cant get around.

philipp.wolf Wed, 03/17/2010 - 02:27

I have configured the AP with BSSID`s (in case four VLAN`s and every VLAN has it`s own SSID)

Every Vlan has a different ruleset (ACL`s on the Firewall).

Now I would like to assign the user as follows:

User: SSID:

Admin1 Admin

Client1 Client

On the Server I have configured diffent Remote-Access Policies but the Server isn`t able to distinguish

the Source SSID of the request.

At the moment the Server is not able to distinguish the source SSID or Vlan so every existing User on the Server is accepted for every VLAN.



This Discussion

Related Content



Trending Topics - Security & Network