Hi Stefano,
Answers to your questions are below.
________________________________________________________________________________________________
Question: can i assign a VLAN to John DPSK and another to Peter DPSK based on group mapped from Organizational Unit of GSUITE?
Answer: This will be possible in 5.9.5324 Cloudpath version, where a new option was introduced to add radius policy to the DPSK pool and assign vlan ID on it.
How to implement for 2 groups (Staff and Student for example)
Workflow
Step 1: Policy acceptance
Step 2: SSID split
Step 3: User auth completes.
Step 4: After the user authentication, create a split for 2 groups as shown below.
Modify the Split by clicking on the pencil icon(e.g. Student)
Select Filter and restriction>>>Group name pattern: <AD Group name>, click Save.
Similarly modify the split Staff.
Select Filter and restriction>>>Group name pattern: <AD Group name> ,click Save.
NOTE: <AD Group name> In my case is Staff and Student.
Step 5: Generate a DPSK in DPSK Pool for both the splits separately.(Create 2 different DPSK pool)
POLICY:
- Configuration>>>>Policies
1: Create 2 Radius Attribute groups and under Vlan ID specify which you want to specify for the group.
2: Create 2 Radius Policy groups.
Map the appropriate radius attribute group to the policy, like highlighted as above.
DPSK POOLS:
- Configuration>>>>DPSK Pools
Under radius policies in Staff DPSK Pools, map the radius policy created in previous step.
Under radius policies in Student DPSK Pools, map the radius policy created in previous step.
Republish the workflow and test the behavior.
_____________________________________________________________________________________________________
Question: now we'd like to "evolve" using Gsuite as a 802.1X, via Cloudpath, is it possible?
Answer: Yes it is, you can use 802.1x authentication using certificates.
