This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

One Radius Server, when all users got network access can we apply some users to management-access for accessing to the switches

One Radius Server, when all users got network access can we apply some users to management-access for accessing to the switches

Erhan_YILDIZ
New Contributor

‎01-25-2016 11:25 AM

Hello,

I have B5 switches and S8 backbone and windows server 2008.

I have radius server 802.1x and its working well.
My configuration on switch is;

set radius enable
set radius server 1 x.x.x.x 1812:secret_key realm network-access

Now, I want apply some users to access switch via radius or active directory.
For this I need to implement,

set radius server 1 x.x.x.x 1812:secret_key realm any-access

But, after doing this all clients can access as a management access.

My goal is with "one radius server" I want to give some clients permission to access switch and all others to only network-access.

Is this possible with one radius server.
If it is possible on windows server side what should I do?

Thanks,
Best Regards

0 Kudos
1 REPLY 1

Andre_Brits_Kan
Contributor II

‎01-25-2016 02:28 PM

Hi Erhan You can do this by creating different Network access policies in Microsoft NPS. As part of the matching criteria you will specific the Switch IP as a NAS Identifier and the required windows group that you want to give access. Ensure that this policy is above the other 802.1x network access policy in NPS. Regards Andre
0 Kudos
li.common.scroll-to.top
GTM-P2G8KFN