bigstusexy
2[H]4U
- Joined
- Jan 28, 2002
- Messages
- 3,194
Thought I'd ask you guys while I'm thinking.
We use NPS at work to do authentication for wireless and I'm about to redo the entire network so I decided to change lots of things. Right now we authenticate the device or the user ID, once someone logs in the user ID takes over, this is great as it provides a way of SSO with our web filter. The problem is that we have only one network and Students have figured out how to get their devices on the network. I want to block them but I don't want to go to MAC authentication.
I'm going to have several SSIDs in the new layout but the one where students will be allowed will need to only allow them on domain devices, all the other ones I can simply deny their account access. Any Ideas? The Access points are going to be Aruba IAPs in the 300 series I believe. I think we're supposed to get a controller too but I don't have that info (I laugh as I'm doing the logical work now and I'm physically starting on this in a week or two)
We use NPS at work to do authentication for wireless and I'm about to redo the entire network so I decided to change lots of things. Right now we authenticate the device or the user ID, once someone logs in the user ID takes over, this is great as it provides a way of SSO with our web filter. The problem is that we have only one network and Students have figured out how to get their devices on the network. I want to block them but I don't want to go to MAC authentication.
I'm going to have several SSIDs in the new layout but the one where students will be allowed will need to only allow them on domain devices, all the other ones I can simply deny their account access. Any Ideas? The Access points are going to be Aruba IAPs in the 300 series I believe. I think we're supposed to get a controller too but I don't have that info (I laugh as I'm doing the logical work now and I'm physically starting on this in a week or two)