I'm working on setting up MAB on Microsoft NPS for devices such as printers that can't authenticate using wired 802.1x. I want to use the OUI portion of the MAC for the time being for authentication.
I've created a network connection policy condition using the OUI and wild card in form aa-bb-cc* for the CallingStation-ID and this works fine. Also, I can authenticate the exact MAC address as well.
The problem I'm having is I would like one policy for each type of device with multiple OUIs in the CallingStation-ID. This would be better than a separate policy for every different OUI.
For instance, a policy for multiple printer manufacturers using something like aa-bb-cc*|dd-ee-ff*|11-22-33*
Unfortunately, this doesn't seem to work. I've looked at the Microsoft NPS regex guide but I haven't found the solution. I'm sure it's something simple I'm missing.
Has anybody else successfully implemented something like this?
No comments:
Post a Comment