garrett_collier_jvkfgxxmhuloo's profile

32 Messages

 • 

682 Points

Wed, Jun 16, 2021 1:28 PM

SmartZone AAA WLAN Access

I have my AAA setup via Windows NPS as Radius in vSZ.

In ZoneDirector, I could map roles to grant access to specific WLANS based on the contents of vendor specific attribute 25053.

Is there a way to do this in SmartZone? I can't add the same AAA because of the error "Duplicate IP/Port is found in Authentication Server : Radius.Server, which is occupied by other customer." and I don't see a way to map roles to wlans, just traffic profiles.

I have looked at the vendor specific tab in SZ however, I don't see a way to map those attributes to wlans, so I don't want to go off on a tangent trying that, if it isn't possible.

Accepted Solution

32 Messages

 • 

682 Points

6 m ago

I ended up solving my own problem, but I would be interested to hear others' opinions on different methods.

I utilized the NAS ID User Defined Property and modified it in both WLANS that use 802.x Enterprise Authentication, I then added an extra constraint on the related NPS Policies based on the value the different WLANS supply so that they would cause the NPS policy to fail if the user wasn't in the correct AD OU AND attempted to join the WLAN with the wrong property.

Important Announcement