We help IT Professionals succeed at work.

How do I allow acces to only certain radius clients for a given user?

Medium Priority
Last Modified: 2012-05-06
I have IAS setup and functioning on 2k8 server to allow access to our Cisco switches and it's working fine.  Now I have a user who needs to be allowed to login and manage only certain switches and I'm not sure how to setup this "limit".  It appears that IAS goes through it's policies and as long as a policy matches an AD group that the user is in, the user is allowed to login to the switch.  I want to be able to somehow say that Person A can login to all the radius clients but Person B (in a different AD group) is only allowed to login to switch 1 but not switch 2.
Thanks in advance.
Watch Question

OK, found the solution.  In the Network Policy, Conditions I needed to an entry for Client IPv4 Address.  MS means the radius client you've entered in IAS.  The bummer is that it looks like I will have to create a Network Policy for each one versus being able to group them within IAS somehow and simply specify the group.  But I'll take what I can get.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.