Hi,
I'm trying to configure MAB Authentication (Cisco Switches) with NPS (Windows Server 2008 R2) with per-user dynamic-ACL. Actually I've made it works for all the authorized user, but I've a problem with the unauthorized. More in detail, I need to achieve this result:
1) If the user is authorized grant access.
2) If the user isn't authorized grant access and pass a Dynamic-ACL (using CISCO-AV-PAIR attribute).
The problem is that when the Access-Request arrives to the NPS there isn't any way to obtain this result because the request match the Network Policy, the NPS find that the user is not authorized and it deny access.
There's any way to tell the NPS what to do if a network policy return a unauthorized result?
Sorry for my poor English and thanks for any help!!
Best regards.
Matteo