Posts

Showing posts with the label VLAN

Microsoft NPS as a RADIUS Server for WiFi Networks: Dynamic VLAN Assignment

Image
The Microsoft Network Policy Server (NPS) is often used as a  RADIUS server for WiFi networks. It can provide authentication and authorization services for users on a wireless network. In this article we take a look at how users can be dynamically assigned to a VLAN that suits their account privileges, using RADIUS attributes passed back from NPS to the RADIUS client (usually a wireless LAN controller or access point). This method of assigning a user to a particular VLAN based on their login credentials is also known as Role Based Access Control (RBAC).  As wireless networks have grown to provide more and more services to organisations, the practice of creating a new SSID for each new service required has fallen out of favour, as each SSID adds more overhead to the RF medium, reducing the available bandwidth for all wireless services.  Best practice in terms of the number of SSIDs you should have available from your wireless network is generally accepted to be around 4