Greetings,
I’ve set up an SSID with PSK in CAPsMAN and an access list featuring “query radius” as the action. My goal is to move devices to different VLANs based on their MAC addresses.
Currently, things are functioning as intended. When I add a MAC address (user) to the UserManager database, the client is properly accepted and placed in the VLAN within the profile.
However, when a MAC address isn’t in UserManager, the client is rejected. Is there a way to configure a default VLAN for rejected users? I attempted to add “00:00:00:00:00:00” as an “all mac default user” in UserManager, but it had no effect.
Alternatively, is there a setup similar to dot1x for LAN, where if there’s an authentication timeout, the device is placed in a default VLAN?
Could a different RADIUS solution assign a default VLAN when no specific MAC (user) is configured? I appreciate any suggestions you may have!