We are setting a new wireless environment for both Guests and Internal access (two different networks). We use a cisco WLC 4402 to control wireless access. I have setup NPS for guest access and it appears to be working with the following conditions:
"connection Request Policy"
- Secure Wireless Connections - Conditions\NAS port type\Wireless - The rest is default
"Network Policies"
- Secure Wireless Connections - Conditions\User Groups \domain\Guest Wireless Logon allow
- Constraints - Auth Method\Unencrypted authentication (pap,spap)
The million dollar question is how to add our production network policy into this same server without ruining the current guest access policy? The way I understand it is that when a request is made, it checks each rule until it finds a match and then green lights the connection, correct? So if I said user has to be a part of some higher security group, once it hit the guest wireless logon allow group it would give them access?? I obviously don't fully understand NPS so any help would be appreciated. Thanks