MAC authentication regardless of IP pool

syedjahanzaib Lv1Posted 14 Dec 2022 01:27

Last edited by syedjahanzaib 14 Dec 2022 01:35.

To allow users mobile devices, we assign them ip from DHCP using specific pool like 192.168.1.0/24, then we create there local user account under in Sangfor "Acess management > Users Binding Mgt >  User Binding" . Also in Auth Policy, I have added policy on top that if user request is coming from thies 92.168.10/24 pool then use Local User Databses (as shown in the pictures attached).

This way when they access internet without any authentication.

I am now introducing VLANS for for every department. every department will have many phones. I cannot reserve there ips in particular pool as every dept will have different vlan pool, and users also roams between many depts all day. I cannot reseve there ip in each vlan pool.

Is there any way that no matter what ip pool user is coming from , & IF he have account (mac address) is added in "acess management > Users Binding Mgt >  User Binding", his internet should work Direclty?

Wiht Users Binding m I can have its proper name so that I can hvae his log by name as well and also monitoring is easy by username. Whats the workaround for it?



1.PNG (11.65 KB, Downloads: 538)

1.PNG

3.PNG (17.04 KB, Downloads: 536)

3.PNG

2.PNG (20.88 KB, Downloads: 544)

2.PNG

4 user binding.png (77.79 KB, Downloads: 541)

4 user binding.png

Happpy has solved this question and earned 10 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

Yes it should work with MAC-IP Binding
Is this answer helpful?
Happpy Lv3Posted 16 Dec 2022 14:21
  
Yes it should work with MAC-IP Binding
RegiBoy Lv5Posted 18 Dec 2022 13:35
  
Can you share your topology?
Naomi Posted 18 Dec 2022 13:50
  
Yeah it should work.
Robin Lv3Posted 18 Dec 2022 14:01
  
I think there is no work around now.
MISMDS Lv3Posted 18 Dec 2022 14:10
  
It is better to use Active Directory
Noah19 Lv3Posted 19 Dec 2022 05:28
  
fixed IP to Mac Address
rivsy Lv5Posted 19 Dec 2022 08:00
  
Your current configuration is too broad and the configuration might takes a lot of time, maybe you can setup a separate AD server to ease your configuration
Pat Lv4Posted 19 Dec 2022 13:55
  
There is no workaround for this.
noime Lv3Posted 19 Dec 2022 14:08
  
Try to have a separate AD

I Can Help:

Change

Moderator on This Board

1
3
5

Started Topics

Followers

Follow

Board Leaders