We're using Dynamic VLAN assignment using AD groups via 802.1X. NPS is the radius server. This works great but we have an issue when a user travels to another location where different VLANs are used with the same SSID. The same pair of NPS servers (one primary & one backup) provide authentication for both locations. We've tried to override the radius assigned VLAN using location awareness via Topology maps, hostname and tags. However, the radius assigned VLAN takes precedence. Other than creating a separate SSID for the remote locations, is there a way to continue to use Dynamic VLANs with a single SSID and add location awareness to override the radius assigned VLAN?