locked
NPS reporting NAP for everything RRS feed

  • Question

  • I'm trying to setup a policy in NPS for some Cisco switches so I can authenticate users with AD credentials. I have a connection policy and a network policy and it is working properly.  However, in the logs, I see the user authenticated successfully, then I see a NAP log that it granted full network access.  Since this isn't really dot1x, or nap, is there a way to have it only pass the Connection policy and not need a network policy, or if it's a network policy, don't do NAP on it...right now I just have it set to "full access", but regardless of what I put it doesn't mattter...I don't need it.

     derek


    Derek
    Thursday, January 22, 2009 11:18 PM

Answers

  • Hi Derek,

    Did you use the wizard to create your policies? This will have you create health polices that you don't need if you aren't doing NAP evaluation.

    When you start the wizard, make sure you select "RADIUS server for 802.1X Wireless or Wired Connections" - not "Network Access Protection (NAP)" if you don't want to do NAP. You can also edit your existing policies to remove the health policy condition.

    -Greg

    Friday, January 23, 2009 1:25 AM