I'm using Active Directory authentication for VPN. The users enter their Windows credentials, and it's authenticated through Active Directory using NPS (Network Policy Server). Now, when the users use VPN, they have access to the whole network.
I have VLANs on my Meraki firewall, and the VLANs have access permissions. For example, VLAN 2 has access to the whole network, while VLAN 4 can access everything except for VLAN 3. How can I make it so that when users use VPN, depending on which VLAN they're on, they get access to the desired VLANs just like when they're at work?
Would this work? Is this only for WiFi, or would this also work for VPN?
http://wifinigel.blogspot.com/2014/03/microsoft-nps-as-radius-server-for-wifi_18.html