06-16-2021 06:28 AM
I have my AAA setup via Windows NPS as Radius in vSZ.
In ZoneDirector, I could map roles to grant access to specific WLANS based on the contents of vendor specific attribute 25053.
Is there a way to do this in SmartZone? I can't add the same AAA because of the error "Duplicate IP/Port is found in Authentication Server : Radius.Server, which is occupied by other customer." and I don't see a way to map roles to wlans, just traffic profiles.
I have looked at the vendor specific tab in SZ however, I don't see a way to map those attributes to wlans, so I don't want to go off on a tangent trying that, if it isn't possible.
Solved! Go to Solution.
06-16-2021 07:40 AM
I ended up solving my own problem, but I would be interested to hear others' opinions on different methods.
I utilized the NAS ID User Defined Property and modified it in both WLANS that use 802.x Enterprise Authentication, I then added an extra constraint on the related NPS Policies based on the value the different WLANS supply so that they would cause the NPS policy to fail if the user wasn't in the correct AD OU AND attempted to join the WLAN with the wrong property.