cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
347
Views
0
Helpful
1
Replies
Beginner

Access for specific AD users

Hi,

 

If I want to authorize users from a specific AD group access to a specific VLAN do I need to have that VLAN configured as an interface on the WLC?

 

Thanks,

-Jack

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Hall of Fame Master

Re: Access for specific AD users

No you don't. You just need to have an Airespace ACL that's assigned to the user session by your policy server (e.g., ISE or ACS). The ACL will restrict all users except the authorized ones from accessing the destination subnet that's associated with the VLAN.

You could also alternatively use Scalable Group Tags (SGTs).

1 REPLY 1
Highlighted
Hall of Fame Master

Re: Access for specific AD users

No you don't. You just need to have an Airespace ACL that's assigned to the user session by your policy server (e.g., ISE or ACS). The ACL will restrict all users except the authorized ones from accessing the destination subnet that's associated with the VLAN.

You could also alternatively use Scalable Group Tags (SGTs).