How do I allow acces to only certain radius clients for a given user?

Posted on 2009-02-12
Last Modified: 2012-05-06
I have IAS setup and functioning on 2k8 server to allow access to our Cisco switches and it's working fine.  Now I have a user who needs to be allowed to login and manage only certain switches and I'm not sure how to setup this "limit".  It appears that IAS goes through it's policies and as long as a policy matches an AD group that the user is in, the user is allowed to login to the switch.  I want to be able to somehow say that Person A can login to all the radius clients but Person B (in a different AD group) is only allowed to login to switch 1 but not switch 2.
Thanks in advance.
Question by:robbie_woodley
    1 Comment

    Accepted Solution

    OK, found the solution.  In the Network Policy, Conditions I needed to an entry for Client IPv4 Address.  MS means the radius client you've entered in IAS.  The bummer is that it looks like I will have to create a Network Policy for each one versus being able to group them within IAS somehow and simply specify the group.  But I'll take what I can get.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Suggested Solutions

    Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
    The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    6 Experts available now in Live!

    Get 1:1 Help Now