I have some issues with my current wifi/authentication design and need some help. When a user connects to an AP via a certain SSID, I want them to be allowed or blocked based on membership in our Network Policy Server. For example, when a student attempts to connect to the staff network, I want it to not authenticate him or her.
My APs all broadcast multiple SSIDs--most of which require authentication. However, any login works on any network because the AP as a RADIUS client just dumps the requests to the RADIUS server. The RADIUS server has no idea which SSID gave it the request, and just uses the first criteria to determine authentication.
Is there anyway to get my NPS server to approve only certain groups for certain networks?