• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2150
  • Last Modified:

Multiple RADIUS policies for multiple SSIDs

Hello!

I have a client that I'm trying to configure a Cisco Aironet 1041N for.  In total, we'll have three SSIDs - one for normal users, one for guests, and one for "other" users.  I'm using RADIUS in NPS under Server 2008 R2 for authentication.  I've created one policy that seems to work fine, but I'd like to have a different policy for each of the SSIDs, and I haven't found a good way to do that yet.  Can anyone point me in the right direction?

Thanks in advance!
0
MasterComputing
Asked:
MasterComputing
1 Solution
 
Jakob DigranesSenior ConsultantCommented:
I haven't done this is quite a while, and then on 2003 IAS -
but you should be able to set Called-Station-ID to SSID; see attached picture

More here: http://support.microsoft.com/kb/822057

NPS Policy
0
 
Craig BeckCommented:
Jakob is correct... however, you need to format the Called-Station-ID string slightly differently to what is in the pic.

You need to format it like this...

*:YOURSSID

The *: part is important as that's the wildcard to match connection requests against.  If you just put the SSID in the string it'll never match as the user's MAC address is sent with the SSID.
0
 
btanExec ConsultantCommented:
Yap as both expert advised. You can also solve this by specifying the Called Station ID as a condition in the network policy, and use the pattern syntax $. E.g. If the name of the ssid is "WLAN" add the syntax "WLAN$". This means that it will match everything that ends with "WLAN".

Also note that regex works in Conditions. Called Station ID Constraint does not accept regex, only exact match.

Here is a list of pattern matching syntaxes to use: http://technet.microsoft.com/en-us/library/cc737419(WS.10).aspx

There is also other who uses the wlan id radius attribute. e.g. in step 15-17

https://lavazzza.wordpress.com/2010/05/29/wlc-school-for-network-admin%E2%80%99s-who-can-read-real-good-part-2-ok-so-it-has-been-awhile/
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now