Wireless Access

New Contributor

IAP-205 with NPS and AD Groups as ACLs

Hello all,

I have the following Wireless infrastructure:
IAP 205 -> 3 Hidden SSIDs -> Auth via NPS RADIUS.

The issue I am facing that Ive created 3 Active Directory groups called:

And also created 3 NPS rules with the same name as those groups above.
How can I tell Aruba or the NPS that only users in IT can join the IT SSID and Sales to Sales and so on.. Because right now IT can join Sales and RnD, and Sales can join IT and RnD and so on..

Thank you all

Re: IAP-205 with NPS and AD Groups as ACLs

The easiest way to achieve this would be using RADIUS attributes and the Aruba-Essid-Name attribute sent in the RADIUS packet. So your NPS policy would only send an ACCEPT if the Aruba-Essid-Name was correct. However somes NPS do not support some RADIUS attrbiutes. If not you can use the following work around below, this is for a physical controller based solution however the concept is still the same for Instants.





If my post addresses your query, give kudos:)
Search Airheads
Showing results for 
Search instead for 
Did you mean: