AD USER CAN AUTHENTICATE IN RESTRICTED WLAN

  • 1
  • Question
  • Updated 2 years ago
  • Answered
The setup is we have 2 WLAN (Student & Employee), the user used web authentication via AD. We create 2 groups in our AD (Student and Employee). Our problem is the student can connect to the Employee WLAN and employee can connect to the Student WLAN. We check the user credential in the ZD and it only belongs to one AD group. What would be the next step to be check in order to fix this issue. thanks!!
Photo of albert villamayor

albert villamayor

  • 2 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 1
Photo of Michael Brado

Michael Brado, Official Rep

  • 2114 Posts
  • 297 Reply Likes

A common approach is to use different VLANs for Student/Employees, and you can use Roles that only permit their specific WLAN access, which can be sent back as a VSA from AD/802.1x.

KBA-2109, NPS Radius with AD: 

https://support.ruckuswireless.com/answers/000002109 

KBA-2946, User Roles on ZoneDirector:

https://support.ruckuswireless.com/answers/000002946

Photo of albert villamayor

albert villamayor

  • 2 Posts
  • 0 Reply Likes
thanks michael!! student and employee are already in separate vlan. i'll check again the Roles.