I have configured a WPA2-Enterprise SSID on my ExtremeCloud IQ Controller with EAP-TLS machine authentication with a Windows NPS server for the RADIUS part.
The Windows NPS server checks the group membership of the machine and returns the VLAN placement information to the controller.
So far so good, everything works as expected. The machines are placed in their respective VLAN's and they receive IP's from their respective DHCP scopes.
I have only the issue, that the roles are not applied like I want them to. On the SSID I've defined the Default Auth Role as "Quarantine" and this is the role that all the machines get, although I've created some Rules in the "OnBoard" page that should place them in other roles.
As I've already said, everything works fine, but I'm unsure why the roles are not applied correctly. Can someone point me to why my configuration behaves that way?
Thank you.
