Frequent Contributor II

AD+SHL source base authentication



1) I have configured EMPL ssid for vlan 10 & vlan 20 & that is working fine.


vlan 10 enforcement(for internal lan access) = AD + machine authentication

vlan 20 enforcement(for full internet access) = AD + Endpoint (make mac id as Known)


2) Now i am configuring ADMIN ssid for 50  non domain devices.


vlan 30 enforcement(for limited internet access) = AD + mac auth (Static host list)

vlan 40 enforcement (for specific internet access) = AD + mac auth (Static host list)


I have creaded 50 static host entry with respective name & discription.

I have created 5 authentication source(static host group) & add the respective static host in there group.

I have created 5 enforcement policies for 5 static host group.



I want to assign 5 static host group to 5 enforcement policies.

Can some one tell me that, what should i configure in service. i.e. authentication source, authorization, role, enforcement & rule.


Thanks in advance....




Re: AD+SHL source base authentication

In the enforcement policy use the Connection > Client MAC address >Belongs to group and the select SHL group
Thank you

Victor Fabian
Lead Mobility Architect @WEI
Frequent Contributor II

Re: AD+SHL source base authentication

Thanks for reply...


For time being i hv assigned SHL but as i said i hv added SHL per mac id & there is only single mac id entry.

I hv created 5 authentication source entry & i hv added SHL in respective source.

Now i want to to authentication through authentication source group.


Search Airheads
Showing results for 
Search instead for 
Did you mean: