How do I allow acces to only certain radius clients for a given user?

Posted on 2009-02-12
Medium Priority
Last Modified: 2012-05-06
I have IAS setup and functioning on 2k8 server to allow access to our Cisco switches and it's working fine.  Now I have a user who needs to be allowed to login and manage only certain switches and I'm not sure how to setup this "limit".  It appears that IAS goes through it's policies and as long as a policy matches an AD group that the user is in, the user is allowed to login to the switch.  I want to be able to somehow say that Person A can login to all the radius clients but Person B (in a different AD group) is only allowed to login to switch 1 but not switch 2.
Thanks in advance.
Question by:robbie_woodley
1 Comment

Accepted Solution

robbie_woodley earned 0 total points
ID: 23628011
OK, found the solution.  In the Network Policy, Conditions I needed to an entry for Client IPv4 Address.  MS means the radius client you've entered in IAS.  The bummer is that it looks like I will have to create a Network Policy for each one versus being able to group them within IAS somehow and simply specify the group.  But I'll take what I can get.

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question