cancel
Showing results for 
Search instead for 
Did you mean: 

AD USER CAN AUTHENTICATE IN RESTRICTED WLAN

albert_villamay
New Contributor
The setup is we have 2 WLAN (Student & Employee), the user used web authentication via AD. We create 2 groups in our AD (Student and Employee). Our problem is the student can connect to the Employee WLAN and employee can connect to the Student WLAN. We check the user credential in the ZD and it only belongs to one AD group. What would be the next step to be check in order to fix this issue. thanks!!
2 REPLIES 2

michael_brado
Esteemed Contributor II

A common approach is to use different VLANs for Student/Employees, and you can use Roles that only permit their specific WLAN access, which can be sent back as a VSA from AD/802.1x.

KBA-2109, NPS Radius with AD: 

https://support.ruckuswireless.com/answers/000002109 

KBA-2946, User Roles on ZoneDirector:

https://support.ruckuswireless.com/answers/000002946

albert_villamay
New Contributor
thanks michael!! student and employee are already in separate vlan. i'll check again the Roles.