This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User Profile Assignment for WPA2 Enterprise users

User Profile Assignment for WPA2 Enterprise users

Simon9
New Contributor

‎01-03-2023 01:22 AM

Hi,

in our configuration we have a guest networks that is used by guests and also employees from our company. It uses a wpa2 enterprise with ExtremeCloud IQ Authentication Service.

What i was trying to do is apply a different classification between guests and employees to avoid CWP for Policy Acceptance for employees. Both will be assigned to the same vlan and i'd like to keep a single ssid. So i activate the option "Apply a different user profile to various clients and user groups."

Simon9_0-1672737003217.png

And as ASSIGNMENT RULES I created a dedicated UPA with classification based on User Group. But there it seems that this is made only for Private PSK. 

Simon9_1-1672737121728.png

It is also showing non PPSK group but then it seems to not be working correctly when using this as classification.

Has someone had the same experience? Did someone find a way to solve this problem?

Thank you

0 Kudos
3 REPLIES 3

Simon9
New Contributor

‎01-17-2023 02:33 AM

Thank you James,

I think that we have two problem in one. One of them can be resolved by your solution, the other is that is seems that the classification is working only for PPSK and not for WPA2 enterprise device.

0 Kudos

Charlotte6385
New Contributor

‎01-06-2023 01:48 AM - edited ‎01-08-2023 09:20 PM

For me exactly the same ... really annoying! MyJohnDeere

0 Kudos

James_A
Valued Contributor

‎01-05-2023 09:30 PM

I had something similar, see https://community.extremenetworks.com/t5/extremecloud-iq/show-user-role/td-p/89228 where I note "bypass-cwp is an attribute of user-profile, not user-profile-mapping" so you'll need two user profiles that point to the same VLAN.

0 Kudos
GTM-P2G8KFN