Can I have multiple Radius servers for one 802.1x but different user profile?

  • 1
  • Question
  • Updated 8 months ago
I have one 802.1x SSID with two user profiles:
A - goes with Radius NPS server this one is working fine
can I add
B - goes to AD authentication on remote site 

I dont see a way to achieve that. 
Photo of MST


  • 152 Posts
  • 3 Reply Likes

Posted 8 months ago

  • 1
Photo of Mike Kouri

Mike Kouri, Official Rep

  • 1030 Posts
  • 271 Reply Likes
Why not let NPS pass thru to AD?
Photo of Carsten Buchenau

Carsten Buchenau, Champ

  • 356 Posts
  • 117 Reply Likes
Authentication takes place first, then the user profile assignment. You can have different user profiles assigned based on attributes returned back from the authentication server, but not the other way around.

You can use different Radius servers due to device classifications though. For example, in Location A you can use server and in Location B you can use server

Hope this helps.
Photo of BJ

BJ, Champ

  • 374 Posts
  • 45 Reply Likes
Perhaps you will need a separate network policy, a similarly named SSID, pointing to your other AAA server. I don't think you can point to two separate servers on the same SSID without it being a primary/backup setup.