beardog1113
asked on
Cisco autonomous AP SSID mapping with NPS policy
hello experts
i will using Cisco autonomous AP to setup wireless network for users, they will separated with VLAN for wireless they will using different SSID base on different department, i will using NPS as the authentication server, my question is how can i mapping different SSID to different policy on NPS?
on the NPS configuration wizard i noticed that there is a option calling-station-ID and called-station-ID, not sure i can using this option or not, but i don't know how to configure calling called station ID on SSID, please advice.
thank you
i will using Cisco autonomous AP to setup wireless network for users, they will separated with VLAN for wireless they will using different SSID base on different department, i will using NPS as the authentication server, my question is how can i mapping different SSID to different policy on NPS?
on the NPS configuration wizard i noticed that there is a option calling-station-ID and called-station-ID, not sure i can using this option or not, but i don't know how to configure calling called station ID on SSID, please advice.
thank you
ASKER
ASKER
and i just tried it as the screenshot setting, but not works, please advice.
thank you
thank you
Can you post the NPS log?
ASKER
is this fine?
thanks
<Event><Timestamp data_type="4">09/21/2017 15:31:18.418</Timestamp><C omputer-Na me data_type="1">APCNHKGNPS1< /Computer- Name><Even t-Source data_type="1">IAS</Event-S ource><Use r-Name data_type="1">AAIGROUP\ips oscn1.gues t</User-Na me><Framed -MTU data_type="0">1400</Framed -MTU><Call ed-Station -Id data_type="1">c89c.1daa.d9 22</Called -Station-I d><Calling -Station-I d data_type="1">04f7.e482.f6 96</Callin g-Station- Id><Vendor -Specific data_type="2">0000372A020F 4368696E61 2C4265696A 696E67</Ve ndor-Speci fic><Servi ce-Type data_type="0">1</Service-T ype><NAS-P ort-Type data_type="0">19</NAS-Port -Type><NAS -Port data_type="0">4028</NAS-Po rt><NAS-Po rt-Id data_type="1">4028</NAS-Po rt-Id><NAS -IP-Addres s data_type="3">10.137.31.67 </NAS-IP-A ddress><NA S-Identifi er data_type="1">AP-BJ-AP-01< /NAS-Ident ifier><Cli ent-IP-Add ress data_type="3">10.137.31.67 </Client-I P-Address> <Client-Ve ndor data_type="0">9</Client-Ve ndor><Clie nt-Friendl y-Name data_type="1">ALL_APAC</Cl ient-Frien dly-Name>< Cisco-AV-P air data_type="1">ssid=MF</Cis co-AV-Pair ><Cisco-AV -Pair data_type="1">service-type =Login</Ci sco-AV-Pai r><Proxy-P olicy-Name data_type="1">Use Windows authentication for all users</Proxy-Policy-Name>< Provider-T ype data_type="0">1</Provider- Type><SAM- Account-Na me data_type="1">AAIGROUP\ips oscn1.gues t</SAM-Acc ount-Name> <Fully-Qua lifed-User -Name data_type="1">AAIGROUP\ips oscn1.gues t</Fully-Q ualifed-Us er-Name><C lass data_type="1">311 1 10.137.8.49 05/16/2016 01:26:45 8867388</Class><Authentica tion-Type data_type="0">5</Authentic ation-Type ><Packet-T ype data_type="0">1</Packet-Ty pe><Reason -Code data_type="0">0</Reason-Co de></Event >
thanks
<Event><Timestamp data_type="4">09/21/2017 15:31:18.418</Timestamp><C
ASKER
hello, any ideas?
thank you
thank you
Can you pull the log from the Windows Custom Logs please, they're easier to interpret?
ASKER
hello Craig
i did try it but i could not find related log from windows log, what i should do to filter such log out?
thank you
i did try it but i could not find related log from windows log, what i should do to filter such log out?
thank you
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
.*:(YOUR_SSID)$