Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1146
Views
0
Helpful
4
Replies

ISE & WLAN SSID/VLAN select based on mac hash

Go to solution
tdoes
Cisco Employee
Cisco Employee

‎03-08-2016 02:32 PM

Hi,


Can we use ISE as a ‘controller’ for the VLAN select feature (put a client in a SSID/VLAN based on a client mac address hash)?


We support this feature on our WLC but my customer would like to use ISE to migrate a Juniper/Trapeze WLAN to a Cisco WLAN.


Tames.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to tdoes

‎03-09-2016 05:45 AM

There is no feature in ISE that would automatically do that. You could manually balance by location, user group or other parameters perhaps.

Maybe something Prime can assist with on the Cisco WLAN side but don't think they can help with the Juniper side of things

Another teammate confirmed. Sounds like a Wireless question.  Yes, VLAN Select is for use case described below, but that is not related to ISE.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎03-09-2016 05:29 AM

Yes ISE in an authorization rule can match the RADIUS:calling-station-id (mac address of the client authentication) and in the authorization rule return an authorization profile that assigns a specific vlan, tag or ACL. Please be aware doing this for lots of clients doesn't make sense as you might have 100s of rules and look into scaling and management issues with that many so use it sparingly and wisely.

0 Helpful

Go to solution
tdoes
Cisco Employee
Cisco Employee
In response to Jason Kunst

‎03-09-2016 05:35 AM

Hi Jason,

In this case we don't want a static relationship between the mac and ssid/vlan but we want to use a pool of ssid's/vlan's and then automatically divide the customers over this pool. Working on both the old Juniper/Trapeze WLAN and the new Cisco WLAN. Very similar to the VLAN select feature of the WLC where they divide users over a pool of ssid's/vlan's based on a computed hash of the client mac address.

Is that possible?


Tames.

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to tdoes

‎03-09-2016 05:45 AM

There is no feature in ISE that would automatically do that. You could manually balance by location, user group or other parameters perhaps.

Maybe something Prime can assist with on the Cisco WLAN side but don't think they can help with the Juniper side of things

Another teammate confirmed. Sounds like a Wireless question.  Yes, VLAN Select is for use case described below, but that is not related to ISE.

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee
In response to tdoes

‎03-09-2016 06:50 AM

Another teammate confirmed. Sounds like a Wireless question.  Yes, VLAN Select is for use case described below, but that is not related to ISE.

0 Helpful
Customers Also Viewed These Support Documents