I’m currently swapping another vendors NAC for Extreme and need to replicate the configuration.
There is a NAC rule that is configured as the following:
((Certificate Dictionary:Issuer contains xxxadminCA01 Or (Certificate Dictionary:Issuer contains xxxadminCA02 Or Certificate Dictionary:Issuer contains IssuingCA-01))
(RADIUS-IETF:Called-Station-ID ends with user.wifi And Certificate Dictionary:Subject Alternative Name - DNS ends with xxadmin.ad.customer.co.uk))
So individually I can configure the ‘Or’ and ‘And’ compound arguments via the ‘User Groups’ section shown in the image below. I can set the ‘Match Mode’ to ‘Any’ which is equivalent to ‘or’ for one group and ‘All’ being equivalent to ‘And’ for the other group.
This would though create two separate user groups, one with the ‘or’ and one with the ‘And’
The issue I have is creating the rule that joins them both together with an ‘And’ to match the full statement above.
See image below. With only a single instance of the condition ‘User Group’, how do I achieve the ‘And’ to for the two User Groups?
Many thanks in advance.