IAS setup for VLAN assignment by group

Posted on 2009-02-11
Last Modified: 2013-12-09
Hello there, I currently have RADIUS authentication for our wireless users, but now I need to set the vlan assignment by group membership and I'm not sure how to setup the rule in IAS remote access policies to do that.  Do I need a third-party software/hardware to do this or can I do it natively in MS IAS?  

Ok I just tried some rules and I realized I need to give you more information.
I have to wireless SSIDs one called staff and one called students on seperate vlans.  
I am currently using IAS for authentication with one wireless rule.
I have different firewall rules for each vlan i.e. staff unrestricted and students restricted.  The problem is that if they change their SSID manually to the staff one they get on the unrestricted wireless.

I need to make that anyone who is a member of the student group can only get an IP address on the student vlan.

Thanks in advance,

Question by:yorkschool

    Accepted Solution

    Using some information from one of the other questions here I figured out how to do it.
    I created a new group and put the students in them.
    Then I put a rule in IAS before the current rule for that all users are currently using, stating that members of that group had to be on the student vlan.  I set the vlan info by editing the profile within that rule to include the vlan number as shown in the picture I've included.

    If more detail is needed let me know and I'll go through it step by step.




    Expert Comment

    I'm facing a problem configuring IAS to work with Cisco switch for VLANs, I have my IAS configured with a policy that having the same configuration like the above pic but I dont know what's the exact configuration have I do on my Cisco switch.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Join & Write a Comment

    For Sennheiser, comfort, quality and security are high priority areas. This paper addresses the security of Bluetooth technology and the supplementary security that Sennheiser’s Contact Center and Office (CC&O) headsets provide.  
    This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
    This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now