WLC 5508 Release 7.4.100.0 RADIUS PROBLEM
Hi,
Previously I was using 7.0.116.0 and there was no problem on Radius Authentication.
Client uses secure V2
After upgrading 7.4.100.0 Radius Authentication Successfull,
but Secure V2 continuously opens login page
Thanks
(Cisco Controller) >show wlan 2
WLAN Identifier.................................. 2
Profile Name..................................... Eduroam
Network Name (SSID).............................. eduroam
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Number of Active Clients......................... 48
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ eduroam_1
Multicast Interface.............................. Not Configured
--More-- or (q)uit
WLAN ACL......................................... unconfigured
DHCP Server...................................... 10.0.15.1
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ 193.140.164.5 1812
--More-- or (q)uit
Accounting.................................... Disabled
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Enabled
PSK..................................... Disabled
CCKM.................................... Disabled
FT(802.11r)............................. Disabled
FT-PSK(802.11r)......................... Disabled
FT Reassociation Timeout......................... 20
FT Over-The-Air mode............................. Enabled
FT Over-The-Ds mode.............................. Enabled
CCKM tsf Tolerance............................... 1000
--More-- or (q)uit
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Local Authentication................... Disabled
H-REAP Learn IP Address....................... Enabled
Client MFP.................................... Optional
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Mobility Anchor List
WLAN ID IP Address Status
Similar Messages
-
Upgrade WLC 5508 IOS 8.0.100
Hi
I wan to upgrade the IOS version on WLC 5508, but I do not is recommended,
Can you help me is recommended upgrade for this version?.
The apple devices have a problem with retry authentication constantly
regardsAfter WLC upgrade to 8.0.100 [ not in HA mode], the AP seem to be dropping out and reconnect using the fallback to IP- inspite of the statically configured IP on the AP
Running Outdoor mesh AIR-CAP1552E-N-K9 on WLC 5508
(Cisco Controller) >show boot
Primary Boot Image............................... 8.0.100.0 (default) (active)
Backup Boot Image................................ 7.6.101.2
=========
Last AP disconnect details
- Reason for last AP connection failure.................... The AP has been reset by the controller
- Last AP disconnect reason................................ Unknown failure reason
Last join error summary
- Type of error that occurred last......................... Lwapp join request rejected
- Reason for error that occurred last...................... No Mwar payload found in join request
- Time at which the last join error occurred............... Dec 03 00:05:26.114
AP disconnect details
- Reason for last AP connection failure.................... The AP has been reset by the controller -
Upgrade WLC 5508 to 7.4.121.0 problem
After I upgraded WLC 5508 from 7.2.111.3 to 7.4.121.0, all 3602i APs don't associate with the controller. All APs were working/associating with controller on 7.2.111.3 at same setting. IP address of APs are setup as DHCP.
The error message is "AP couldn't get IP address".
Any one has this type of problem when you upgrade WLC 5508 from 7.2.111.3 to 7.4.121.0.
Thanks,Hi,
This doesn't look like software issue.
You have to check why the APs are not able to get ip address. Try connecting a PC to a swtich port where one of these APs are connected and see if you are able to get IP on PC.
Also check if the DHCP server is reachable and if there are IP address in the pool assigned for APs.
HTH,
Thanks & Regards,
Ishant
*** Please rate the post if you find it useful *** -
WLC 5508 with 7.4.100.0 software
Hi All,
One of my client has a wireless setup with WLC 5508 and 1142N APs. It was running with a good coverage for access points when WLC was running with 7.0 software version. Last week I upgraded the software to latest 7.4.100.0 version. After that the coverage of APs are very low.
Can someone help me regarding this issue.
Thanks
SadiqI didn't have coverage issues per say, but my 1142 APs kept disassociating randomly
TAC suggested running these commands. Which has stopped the APs leaving the building.
> config 802.11a disable network
> config 802.11a 11nSupport a-mpdu tx priority all disable
> config 802.11a 11nSupport a-mpdu tx scheduler disable
> config 802.11a enable network
> config 802.11b disable network
> config 802.11b 11nSupport a-mpdu tx priority all disable
> config 802.11b 11nSupport a-mpdu tx scheduler disable
> config 802.11b enable network
Aggregation is the process of grouping packet data frames together rather than transmitting them separately. Two aggregation methods are available: Aggregated MAC Protocol Data Unit (A-MPDU) and Aggregated MAC Service Data Unit (A-MSDU). A-MPDU is performed in the software whereas A-MSDU is performed in the hardware.
Disables the 802.11n-5 GHz A-MPDU transmit aggregation scheduler. -
WLC 5508 + NPS MS-CHAP v2 Auth problems
Hi,
I am having a lot of trouble trying to set up a Cisco WLC 5508 to use NPS on Windows Server 2008 as it's authentication.
When a client attempts to connect to the WLAN, the authentication is denied on Windows 7/Vista/XP, however, on Mac/iOS clients, it asks to accept the certificate (this is a public cert, issued by Entrust - however, it is a wildcard cert..), but then it will connect.
So I have two questions:
1/ Why won't the windows clients authenticate? If I set up the WLAN profile on the windows machine, and I deselect "Validate server certificate", then they connect just fine....
2/ Is it possible to make it so the user is not prompted to accept the certificate? Why can't this certificate be validated locally by the client?
Thanks,
JoshLooks like it might have been an issue with that certificate, I don't know.
Either it didn't like the wildcard, or it didn't like the intermediate/root CA.
I downloaded a Comodo Trial SSL and plugged that in - works like a charm now! -
Anchor mobility configuration getting lost in wlc 5508 ios code 7.4.100.0
It is observed that in WLC 5508 , ios 7.4.100.0 , mobility anchor configuration on wlan is getting lost . we configure anchor ip address on guest wlan > mobility anchor > Switch IP Address (Anchor).
We have configured the template on NCS 2.0 to push the anchor mobility ip address on all WLC
Has anyone oberved this behavoiur. We have more than 100 WLC , and everyweek mobility anchor configuration is lost on some WLC having code 7.4.100.0.I am having this exact same problem. I am running 7.3 on 5508 WLC. My remote site LAP's are using Flex (HREAP). The initial access point that my laptop associates to connects with no problem, as soon as I wander out of range of the initial LAP and into the area of another access point, I lose data connectivity. The was validated like the original post as I start a constant ping on the LAN and watch as the ping latency increases and then ping replies stop. The only way to correct the problem is resetting of the wireless adapter on the laptop. Side note my DroidX has no problem wandering from AP to AP.
Laptop: Windows 7 32bit
I then returned to my home site and test where I have a secondary controller and the LAP's are configured for local mode, no problems roaming from access point to access point. Validated with constant ping test. The pings drop for a second and re-
continues as the laptop reconnects.
**Edit: I am going to try the removing the DHCP Addr. Assignment required option, and report that back to the TAC engineer.
Message was edited by: Michael Dunki-Jacobs
**Edit Solved:***
The problem is in deed solved by turning the "DHCP Address Required" but why? -
WLC 5508 WPA Authentication Problems
Hello,
We have a WLC 5508 with 7.4.100.0 Firmware.
We are using 1141 and 1142 APs and we are having authentication problems with clients that are connecting to our WLAN with WPA+AES autentication. The clients receive in her laptop a password error, and we receive the following log in wlc:
Client Excluded: MACAddress:f8:f1:eb:dd:ff:cd Base Radio MAC :08:ad:dd:76:4d:30 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.1x Authentication failed 3 times. ReasonCode: 4
The strange thing is that the problem is solved restarting the Access-points.
Anyone had this problem previusly?
Thanks in advance.I made the configuration using the Cisco Recommended settings, the strange thing its that the users connect normally, until they starts with authentication problems. I restart the access points and the problem its solved.
Cisco Recommended and not recommended Authentication Settings
Security encryption settings need to be identical for WPA and WPA2 for TKIP and AES as shown in this image:
These images provide examples of incompatible settings for TKIP and AES:
Note: Be aware that security settings permit unsupported features.
These images provide examples of compatible settings: -
Cisco WLC 5508 in HA mode error
Hai ,
I am Getting the below Error in Cisco WLC 5508, Version 7.4.100.0 in HAmode. The WLC contains Access Points having in local and Flex Connect Mode.
RF failure notification ErrorType: 32 Reason :Error: Config Sync failed on Standby for the usmdb:HA_send_usmDbApfMsDelete,
I sam a same bug in Cisco WLC 7.4.100.0 release notes similar to the error like
RF failure notification ErrorType: 32 Reason :Error: Config Sync failed on Standby for the usmdb:HA_send_usmDbSpamSetRadSlotAntennaType.
Any Ideas?HI Mohamed,
its a open Caveats in 7.4.100.0
CSCud26632
Symptom: The following SNMP trap appears on the controller when you change the channel width number to 40-MHz:
RF failure notification ErrorType: 32 Reason :Error: Config Sync failed on Standby for the usmdb:HA_send_usmDbSpamSetRadSlotAntennaType.
Conditions: Controller is in an HA pair. Join the 802.11n access point to the controller and change the channel width to 40-MHz and channel number to 157.
Workaround: None
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn74.html
Reagrds
Please rate helpful posts -
Hi ,
I need to download a login banner page on our WLC 5508 version 7.4.100.60 but i am getting error and the logs is showing the following :
*TransferTask: Sep 11 11:05:04.248: #CLIWEB-3-BUFFER_TOO_LONG: cli_web_api.c:3240 Buffer for Login Banner too long (max = 1296 chars).
My FTP is working fine since i have upgraded the version using it and the .tar file which i am trying to upload is 50K can any body help on this pleaseMohammad,
Typically, login banners are .txt files. Please ensure the file that you are uploading is a .txt and not a .tar.
If you are unsuccessful in uploading the file through the Web GUI, might I suggest that you try it through CLI? Sometimes transfers just seem to work better through CLI.
Just in case you have any questions on the CLI transfer, I have this link for your reference:
www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70mfw.html#wp1132285
This is the Configuration Guide for the WLC.
Please let me know if this fixes your issue. If it does, please rate this answer and mark your question as Answered.
Charles Moreton -
Dear Community,
i have a small Q that should we configure any of distribution port of WLC 5508 with speed 10/100 to connect it with cisco's 3750 on fastethernet port.
By default WLC ports are gig ports so is there any comand or option to configure the port by decreasing its speedin wlc.
OR
could we connect them in the same status like wlc gig port wit switch 3750 fastethernet port and there will not any speed mismatch and it will work fine.Honestly on my behalf it will not work like this.
please advise what is the best practice to do that.i have a small Q that should we configure any of distribution port of WLC 5508 with speed 10/100 to connect it with cisco's 3750 on fastethernet port.Won't work because the 5508 will negotiate to 1Gb only.
-
WLC 5508 HA Problem Soft.ver 7.4.100
Dear Support,
we are using two WLC 5508 software ver.7.4.100 with first 50AP license and in the next day we add 50AP license again to the primary WLC. when we activate HA base in the following guiden http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html but when we doing test the failover we found a couple log message on the Secondary WLC like below and not for long time all AP on the Secondary WLC was drop off.
1. DP Critical Error
2. *RRM-DCLNT-2_4: May 23 07:43:53.204: #RRM-3-RRM_LOGMSG: rrmTables.c:682 RRM LOG: Could not retrieve RRM Coverage Measurement DataKey BSSID:34:db:fd:dd:3e:20,Key SlotId:0
*RRM-DCLNT-2_4: May 23 07:43:53.164: #RRM-3-RRM_LOGMSG: rrmTables.c:682 RRM LOG: Could not retrieve RRM Coverage Measurement DataKey BSSID:34:db:fd:dd:3e:20,Key SlotId:0
*RRM-DCLNT-2_4: May 23 07:43:52.854: #RRM-3-RRM_LOGMSG: rrmTables.c:682 RRM LOG: Could not retrieve RRM Coverage Measurement DataKey BSSID:2c:36:f8:72:fc:c0,Key SlotId:0
I also send a complete log for both problem above and enclose it with pdf file. need you advice and assistance,
regard, afriansyahI agree go to version 7.4.121.0 I has some strange issues on prior releases. Personally I am running 7.6.120.0 right now but that's mainly due to support for the 3702 access points.
http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html#pgfId-74573
that's a good guide just to double check yourself just in case. - -
WLC 5508 -7.4.100 mDNS Bonjour snooping
Hello
Have 7.4 installed and configured for Bonjour Snooping. All is working, but working too well. We have a large campus that house 2 schools and each school is complaining that they can see the other schools AppleTV devices.
I have played around with a few different scenarios to see if I can localize the bonjour traffic.
I guess I am looking to create a logical split for bonjour devices amoung the schools.
Apple came to the school and informed us that the IPAD has a limit of 64 devices that can be seen via the bonjour. At some point we will have over 100 AppleTV added.
so we have 3 wlc 5508's with 7.4.100
we have 2 SSIDs that span the whole campus
using AP groups to segment the floors in buildings
So the schools are logically split with AP groups
Here is what I have tried
I created few mDNS profiles and assigned the services for Apple TV - let's call them school1 and school2
I assign the mDNS profiles to the interfaces dedicated each school
enable snooping on the WLAN with profile of none
The end result is that devices from both schools can be seen.
I tried to create new ssid for apple TVs and a new ssid for 1 schools teachers
I followed the vlan select example
http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_tech_note09186a0080bb1d7c.shtml
end result is that devices from both schools can be seen
I have tried the mDNS without multicast enabled just like the video shows to no avail - I assume maybe my AP groups might be more complicated then the example of just 2 vlans
https://supportforums.cisco.com/community/netpro/wireless-mobility/begin-wireless/blog/2013/01/01/wireless-lan-controller-wlc-release-74--bonjour-gateway-configuration-example
I have tried combinations of things, but I must be missing something
In the webinar, Cisco said it will use filtering to restrict which clients can see which services (Apple TV's, etc). What will Cisco use to filter Bonjour requests?
according to this article
http://www.pcadvisor.co.uk/news/network-wifi/3376119/cisco-answers-user-questions-about-upcoming-apple-bonjour-gateway/#ixzz2SIDqFH49
The filtering options are: · Per WLAN/SSID · Per VLAN or AP Group · Per Interface Group (which is a group of VLANs pooled together).
A Bonjour service policy can be created and applied on any one of the above criteria. In the future, we will support per-user Bonjour service policies which will come as a RADIUS attribute from the AAA server.
Read more: http://www.pcadvisor.co.uk/news/network-wifi/3376119/cisco-answers-user-questions-about-upcoming-apple-bonjour-gateway/#ixzz2SZqMYpdh
Cheers
Any insight would be appreciatedHere are the ACLs for the controller
acl create BlockBonjour
acl apply BlockBonjour
acl counter start
acl rule add BlockBonjour 1
acl rule add BlockBonjour 2
acl rule action BlockBonjour 1 deny
acl rule action BlockBonjour 2 permit
acl rule destination address BlockBonjour 1 224.0.0.251 255.255.255.255
acl rule destination address BlockBonjour 2 0.0.0.0 0.0.0.0
acl rule destination port range BlockBonjour 1 0 65535
acl rule destination port range BlockBonjour 2 0 65535
acl rule source address BlockBonjour 1 0.0.0.0 0.0.0.0
acl rule source address BlockBonjour 2 0.0.0.0 0.0.0.0
acl rule source port range BlockBonjour 1 0 65535
acl rule source port range BlockBonjour 2 0 65535
acl rule direction BlockBonjour 1 In
acl rule direction BlockBonjour 2 Any
acl rule dscp BlockBonjour 1 Any
acl rule dscp BlockBonjour 2 Any
acl rule protocol BlockBonjour 1 Any
acl rule protocol BlockBonjour 2 Any
acl apply BlockBonjour ipv6 acl create BlockAllIPv6
ipv6 acl apply BlockAllIPv6
ipv6 acl rule add BlockAllIPv6 1
ipv6 acl rule action BlockAllIPv6 1 deny
ipv6 acl rule destination address BlockAllIPv6 1 :: 0
ipv6 acl rule destination port range BlockAllIPv6 1 0 65535
ipv6 acl rule source address BlockAllIPv6 1 :: 0
ipv6 acl rule source port range BlockAllIPv6 1 0 65535
ipv6 acl rule direction BlockAllIPv6 1 Any
ipv6 acl rule dscp BlockAllIPv6 1 Any
ipv6 acl rule protocol BlockAllIPv6 1 Any
ipv6 acl apply BlockAllIPv6
Apply to wlan: The wlan index is used in this case, the first wlan created on controller
wlan acl 1 BlockBonjour
wlan ipv6 acl 1 BlockAllIPv6 -
WLC 7.6.120.0 Radius problems with FreeRadius server
Hi there
we have 3 WLC 5508 with version 7.6.120.0 and 2 FreeRadius servers. In the WLC log we see a lot of "radius auth-server unavailable" messages and some users can not authenticate against our dot1x (PEAP).
The problems occur most of the time, when there are a lot of WLAN clients trying to connect to the SSID at the same time.
Does anybody have the same problems or are there any known bug for this phenomena?
Thanks in advance and best regards
AnnaHi Anna
your problems seems to be this bug here: https://tools.cisco.com/bugsearch/bug/CSCuo96366
Symptom:
Clients are not able to Authenticate at Peak loads when using FreeRadius.
Conditions:
Using Freed radius (most susceptible), we observe at high auth rate and if Radius server is not responding to all Radius packets in seq order or if the server is slow, WLC when wraps around 0-255 Radius ID's, it does not do a check when posting new packet.
So essentially you have 2 packets with same ID being presented to AAA server.
Workaround:
Recover's when load is reduced.
Further Problem Description:
So far, issue has not been brought to notice while using ISE/ACS/NPS.
There are two possible solutions I see:
1. Downgrade to an earlier WLC version <7.6 (e.g. 7.4.121.0)
2. Try to have another radius server in between (radius proxy, e.g. Cisco ACS or Microsoft NPS)
Best regards
Dominic -
WLC 5508 8.0.100 AP dropout anf fallback issue
After WLC upgrade to 8.0.100 [ not in HA mode], the AP seem to be dropping out and reconnect using the fallback to IP- inspite of the statically configured IP on the AP
Running Outdoor mesh AIR-CAP1552E-N-K9 on WLC 5508
(Cisco Controller) >show boot
Primary Boot Image............................... 8.0.100.0 (default) (active)
Backup Boot Image................................ 7.6.101.2
=========
Last AP disconnect details
- Reason for last AP connection failure.................... The AP has been reset by the controller
- Last AP disconnect reason................................ Unknown failure reason
Last join error summary
- Type of error that occurred last......................... Lwapp join request rejected
- Reason for error that occurred last...................... No Mwar payload found in join request
- Time at which the last join error occurred............... Dec 03 00:05:26.114
AP disconnect details
- Reason for last AP connection failure.................... The AP has been reset by the controllerWe downgraded the WLC to 7.4.121.0 and finally got rid of the DHCP problem
But encountered a new issue
The WGB once connected to the mesh AP does not reconnect to the network , auth failure- AIR-SAP1602E-Z-K9 running - ap1g2-k9w7-mx.152-2.JB2
Local EAP auth configured for WGB client on the WLC
Looks more like the WGB stuck in a state , unable to negotiate its credentials
Controller log
*dot1xMsgTask: Mar 24 10:33:52.737: #DOT1X-3-WPA_SEND_STATE_ERR: 1x_kxsm.c:1404 Unable to send EAPOL-key msg - invalid WPA state (0) - client f4:0f:1b:23:03:37
Attached is the debug and client status from WLC
Any idea what is going on
Thanks -
Cisco WLC 5508
Software Version: 7.4.100.0
Windows Server 2008R2
I've got everything setup on the Windows Server 2008 side of things (certificates, radius clients, etc)
I added the radius server on the WLC, and configured a new WLAN to use it.
Both are on the same subnet.
When trying to conect to the WLAN it kept failing. I installed wireshark on the server to monitor the radius traffic, and to my surprise there was no radius traffic showing up on the server. The radius statistics on the WLC are at 0 as well, so it's like the WLC isn't even attempting Radius.
I reverified that the server was enabled on both the security tab and the WLAN itself on the WLC. Rebooted the controller and the server, all to no avail. I used a radius test client, and can successfully send radius commands to the server using that utility.
Frustrated, I just kept trying to reconnect on my wireless device, and after about the 15th try, finally I saw radius activity on wireshark. It rejected my access, but at least I saw activity. It also registerd radius statistcs on the WLC as well.
So now if I keep trying to connect repeatedly, about every dozen or so times the WLC actually will send a radius request to the server.
What in the world is going on here?I do have local management users on the controller.
Some hours later I added the option of authenticating management users, for the NPS server. Then logged inn to the management GUI using NPS radius, worked just fine.
However, these commands have been useful to me several times, to make sure unsuccessful requests appear in the Windows Event log:
auditpol /get /subcategory:"Network Policy Server"
If it shows ‘No auditing’ or just "Success", you can run this command to enable it:
auditpol /set /subcategory:"Network Policy Server" /success:enable /failure:enable
So now I know that the NPS radius server works, for management access. I will go to the customer's site some other day to test it for 802.1x authentication. If not, I'll do some debugging to decide wihich to blame - the WLC or NPS.
Maybe you are looking for
-
Best way to save images streamed from web to device?
We have an app for browsing a catalog that streams content from a web server. There is an image for each product, some in JPG format and some in PNG format. Our server is fast and reliable so everything has been running smoothly so far, but we'd like
-
Mac OS X srever newbe and ichat
Hi, I'm trying to set up a new mac mini server in a public school. But I'm having problems with iChat server. Firstly,I cannot turn it off in Server Preferences, the green balloon is always on (always). Also in the Server admin -> settings -> general
-
Hi, tell me please is it possible and if yes - how to do it. The situation: I enter into field value, that should be link in the web (www.google.com) and then when I see report with this values I want to be active this link for immediate use. Is it p
-
Does anybody know how to separate an underlying excel page from the created dashboard on which it is based on? I would really appreciate specifics if possible. Thanks!!
-
NPS, wifi, multiple SSIDs - multiple policies?
We are setting up a new wireless network with multiple SSID's. We plan on having an internal network, a guest network, and a personal devices network. The questions is how do authenticate against multiple policies on the same NPS server? Our curre