Sorry to bring up old subject, but at the moment I'm facing the same issue connecting WIFI using ACS as the Radius Gateway (ACS will connect to AD for user authentication process).
- On controller I have setup WLAN with WPA2-Enterprise authentication, set the auth-server to ACS.
- On ACS I have define controller as the client and test the process (AAA test server)
- On ACS, my customer use NAR (Network Access Restriction) features to restrict user access to certain SSID only. They using attribute called DNIS* | The called-station-ID (attribute 30) is used
- Their existing network are Cisco based but they're claiming that when using other brand (Motorola), the NAR rules are applied to the network and run smoothly.
- Attached are the sample of their NAR/DNIS configuration on the ACS
- My customer doesn't want to change their ACS setting, based on their claim that other vendor (Mtrla) can achieve the same result with their existing network.
The problem is, when using Aruba wifi, the NAR rules are not applied to the wifi network.
I have try using different method for the ssid name inside DNIS box. Using *SSID_Name or just SSID_Name didn't give me the result as I expected.
But when I disabled the NAR, I can connect to the SSID just fine.
So please confirm/help if anyone has ever have this setup with successful result:
- Is there any other thing that I have to setup on controller side?
- DNIS are using attribute 30 (as Cisco Documentation said), what is the relevance on Aruba side?