One SSID - redirect to two different vlans.


Hi all.
Is there anybody who knows how to configure One SSID on IdentiFi and redirect users to two different vlan's according to their Authenticatin method. One Vlan for EAP-TLS and one Vlan for EAP-PEAP?
We use Windows 2012R2 for Radius.

4 replies

Userlevel 4
You have to create two nps rules with different auth methods enabled. Every rule includes radius attribute to redirect the user in the right vlan.

Here is a link to ms knowledge how you could append the radius attributes to steer the vlan:

https://technet.microsoft.com/en-gb/library/cc772124%28v=ws.10%29.aspx
Thanks.
I will check this out soon.
Userlevel 5
You can also return a Filter ID applying different roles to the users.
The roles is defined on the controller.
The roles allow for "firewall like" rules to be applied to individual users on the same SSID, including Vlan, Rate limit, QOs ect...
Userlevel 7
Check out: https://youtu.be/yJ1KAW6HHRA?list=PLvQMiI4QwvHQJc9iyfGAOB7qFdqNmqmyD
It may help point you in the right direction.

Reply