Dale, One of our engineers thinks this may help.
- Cisco controllers include SSID name in Called Station ID attribute in RADIUS request. Try modifying the policy conditions on your NPS server to check the SSID for this attribute. Trent Avenda Systems -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[email protected]] On Behalf Of Kaye,Dale Sent: Tuesday, March 01, 2011 6:23 AM To: [email protected] Subject: [WIRELESS-LAN] Setup secured SSID & Cisco Webauth SSID with NPS I am in the process of trying to setup Cisco Webauth for our "non-college owned equipment" using Server 2k8 r2's NPS. What we want to have is: SSID #1 (for all users on a college owned device) - Secured WPA(2)/AES, can be used by staff or students on a device that is a member of the domain or a member of "wireless users" group for the odd PC/Mac that is not on the domain. SSID #2 (for all users on a personal device) - Open using Webauth with a RADIUS policy allowing all domain users, with no computer restrictions. We have both RADIUS policies setup. However right now, if we put the policy for SSID #1 to the top of the processing order the Webauth policy will not authenticate users to SSID #2. If we put the Webauth policy to the top of the processing order, the policy for SSID #1 stops authenticating users. Is there a way in NPS to state that Policy #1 is used for SSID #1 & Policy #2 is used for SSID #2? Or is there a better way to achieve the authentication to both SSIDs? Thanks Dale Kaye Information Services Specialist NSCC - Pictou Campus ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
