Hi,
I have some users connecting to a ssid (let´s call it NetworkA) where authentication is done with Microsoft radius to AD.
Is it somehow possible to automatic deny access to other ssid for a device that´s connected to NetworkA?
Regards
Robert
What you can do is block access to SSID from the Clients tab. You can import all the MAC addresses and block them.
it´s a way, but not a pretty way 😃
@RVilhelmsen why would a user, that has an active connection to network A SSID then try and connect to the second SSID also how would you having them authenticate on the second ssid ?
maybe some users connect to a less restricted network 😉
Then I would use group policies, once a user has connected to an SSID, assign the policy and then every-time that device connects the policy will control wheat they can do and where. they can go
how can i block access to other ssid from a group policy?
OK, let me set up a lab to have a look at the best way to do this for you, may take a couple of days, if thats OK
Thank you - that´s super fine.
I am stuck and can´t figure out a automatic way to do this.
Use dot1x to authenticate the second SSID, and configure RADIUS not to allow the first group of users to connect to it.
I can´t as the other ssid is a guest ssid.
Use one SSID with iPSK, default it to public VLAN on the RADIUS server and set it so that known MAC addresses go to corporate VLAN.