Solved

Multiple RADIUS policies for multiple SSIDs

Posted on 2013-06-03
3
1,763 Views
Last Modified: 2013-07-05
Hello!

I have a client that I'm trying to configure a Cisco Aironet 1041N for.  In total, we'll have three SSIDs - one for normal users, one for guests, and one for "other" users.  I'm using RADIUS in NPS under Server 2008 R2 for authentication.  I've created one policy that seems to work fine, but I'd like to have a different policy for each of the SSIDs, and I haven't found a good way to do that yet.  Can anyone point me in the right direction?

Thanks in advance!
0
Comment
Question by:MasterComputing
3 Comments
 
LVL 21

Expert Comment

by:Jakob Digranes
ID: 39218392
I haven't done this is quite a while, and then on 2003 IAS -
but you should be able to set Called-Station-ID to SSID; see attached picture

More here: http://support.microsoft.com/kb/822057

NPS Policy
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 320 total points
ID: 39218552
Jakob is correct... however, you need to format the Called-Station-ID string slightly differently to what is in the pic.

You need to format it like this...

*:YOURSSID

The *: part is important as that's the wildcard to match connection requests against.  If you just put the SSID in the string it'll never match as the user's MAC address is sent with the SSID.
0
 
LVL 62

Expert Comment

by:btan
ID: 39218966
Yap as both expert advised. You can also solve this by specifying the Called Station ID as a condition in the network policy, and use the pattern syntax $. E.g. If the name of the ssid is "WLAN" add the syntax "WLAN$". This means that it will match everything that ends with "WLAN".

Also note that regex works in Conditions. Called Station ID Constraint does not accept regex, only exact match.

Here is a list of pattern matching syntaxes to use: http://technet.microsoft.com/en-us/library/cc737419(WS.10).aspx

There is also other who uses the wlan id radius attribute. e.g. in step 15-17

https://lavazzza.wordpress.com/2010/05/29/wlc-school-for-network-admin%E2%80%99s-who-can-read-real-good-part-2-ok-so-it-has-been-awhile/
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now