cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1454
Views
0
Helpful
1
Replies

Access for specific AD users

jacksonajax
Level 1
Level 1

Hi,

 

If I want to authorize users from a specific AD group access to a specific VLAN do I need to have that VLAN configured as an interface on the WLC?

 

Thanks,

-Jack

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

No you don't. You just need to have an Airespace ACL that's assigned to the user session by your policy server (e.g., ISE or ACS). The ACL will restrict all users except the authorized ones from accessing the destination subnet that's associated with the VLAN.

You could also alternatively use Scalable Group Tags (SGTs).

View solution in original post

1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

No you don't. You just need to have an Airespace ACL that's assigned to the user session by your policy server (e.g., ISE or ACS). The ACL will restrict all users except the authorized ones from accessing the destination subnet that's associated with the VLAN.

You could also alternatively use Scalable Group Tags (SGTs).

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: