D
Drew.Prince
Hello,
I have an existing Network Policy Server that is working just fine. We have a Cisco ASA configured to authenticate users using radius to our NPS server. The configuration works and allows / denies users as expected.
However, I want to lock down a new or existing (tried both) Network Policy so a connected user (group of users) can only access the IP address ranges that I specify (either by blocking or allowing) using the policy > settings tab > IP Filters tab > Input/Output filters.
However, the input/output filters I enter have no effect.
I created a test lab to simulate the production environment and the IP filters work as expected there, but I can't finger out why it isn't working in our production environment. There weren't any special steps to enable this feature... Any tips on what may be happening?
Continue reading...
I have an existing Network Policy Server that is working just fine. We have a Cisco ASA configured to authenticate users using radius to our NPS server. The configuration works and allows / denies users as expected.
However, I want to lock down a new or existing (tried both) Network Policy so a connected user (group of users) can only access the IP address ranges that I specify (either by blocking or allowing) using the policy > settings tab > IP Filters tab > Input/Output filters.
However, the input/output filters I enter have no effect.
I created a test lab to simulate the production environment and the IP filters work as expected there, but I can't finger out why it isn't working in our production environment. There weren't any special steps to enable this feature... Any tips on what may be happening?
- NPS Server = Domain Controller, Win2012 R2
- Radius Client = Cisco ASA (unknown type/version, I dont have access to it, but dont think this is a concern)
- Tested with Win10Home & Pro
Continue reading...