Looking to find a way to apply different policy when a user roams into a classroom or building. I dont think this is possible but maybe someone has accomplished this!
Scenario.. pervasive wireless access across a college campus. Student has full access policy/ACL outdoors. The student roams from Outdoor coverage into an Acedemic building where new policy needs applied... Such as blocking all public IP and allow all private IP for example.
I know I can change policy (new user role) during re-auth or intial login. Is there a way to change role/policy based on a roaming event? Maybe we can use Accounting packets in Clearpass to watch for a certain AP or AP-Group and trigger a CoA? I dont think this is possible.
Maybe a FW Policy rule can be added to always take into account the AP or AP-Group the user is connected? I dont think that is possible either.
I may be looking for something that doesnt exists but please prove me wrong!