Hi Venu ,
Sorry for the late reply . In our wireless setup we are allwing only internet access for employees and guests. We are tunneling this traffic to guest controller in DMZ segment.
We are authenticating employees using LDAP and guests by internal database. Hence we have created a wired AAA profile and we associated with captive portal . In that captive portal we have given LDAP and internal DB server group.
Hence now clients are able to connect to any of the two SSID (employee and guest) using their credentials . say guest is able to connect to employee ssid and employee alos able to connect to guest ssid. Is there any way to limit this ? hence is it possible to put multiple AAA wired profiles based on SSID?