03-25-2015 10:27 AM
Is it possible to implement the following scenario using Aruba Controller and Microsoft NPS.
I would like to use one SSID and put users to a different vlan using their AD Group membership. I know this is working I have tested it, but what if we have multiple buildings and they are using different VLAN IDs?
AD Group Sales --> VLAN ID 10
AD Group Engineer --> VLAN ID 11
AD Group Marketing --> VLAN 12
AD Group Sales --> VLAN ID 20
AD Group Engineer --> VLAN ID 21
AD Group Marketing --> VLAN 22
and so on.
What is the best way to separate buildings in this configuration? Is it possible to use for example AP Group as NAS Identifier or something similar? Then I could create specific rule in NPS.
Is this possible?
03-25-2015 01:20 PM
I figured this out. Just duplicate the radius server settings and create a new server group for every building. Define different NAS ID for every building. After that it is just creating NPS network policies.
Any other options to implement this?