This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Is this possible?
I have several hundred buildings, each with a set of unique VLAN ID's tied to unique VLAN names
and so on..
This will of course give a lot of rules in ISE if I was to use VLAN ID's.
Then I read that it is possible to use VLAN Names to assign the correct VLAN
But is it possible to use partial names when setting up the rule, for example Teacher or Students? Since that part is the same in all buildings.
If not, is it possible to implement?
If would save me (an other with similar name regimes) a lot of time if it was possible.
I also kinda like having unique names tied to unique VLANs
Having VLAN names that are all totally unique as all of your numbered VLANs defeats the purpose - it just makes them more human-readable.
The purpose of VLAN Names is to generalize your segmentation policy (Teacher,Student,Health,Management) and not care about the specific VLAN on a specific switch on a specific floor in a specific building. In large buildings with large switches, you could even have multiple VLAN numbers handling the same named VLAN for scaling.
Keep your VLANs general for segmentation and consider using Network Device Group (NDGs) if you need to create special location-based policies for certain buildings.
Apologies for opening up an old thread.
Would like to know a bit more about utilising multiple vlans with the same name on a switch if possible…
Am looking for a way to implement similar functionality as WLAN interface groups on the wired switch side – is this possible with dynamic vlan, and if so, can you please provide an example?
Use Case: Large building switch with multiple vlans per user type.
Thanks for the response.
What I am referring to is whether wired dynamic vlan assignment can be performed in a similar way as WLAN interface groups feature wherein an interface group name is passed from ISE, and the WLC picks a vlan associated with the WLC defined interface group.
The use case for this question is a large building switch with multiple vlans per user type (eg. 3x vlans for staff - staff1, staff2, staff3), and the ability for ISE to dynamically select an interface group or partial name(eg.vlan name wilcard: 'staff.*') and for the switch to select one of the many vlans associated with that user type vlan (eg. staff3).
Hope this is a bit clearer :)
This is probably what you are after -- Solved: ISE and WLC dynamic interface group assignment? - Cisco Community