Dynamic VLANs in Cisco Wireless Controller 2504 with Microsoft NPS / Radius Server 2008r2

sundesa1977 · ‎01-15-2017

Hi All,

I've am not that advance level user of Cisco WLC but I have recently deployed (Dynamic VLAN) wired network security with cisco switches. The same I need to configure with Cisco WLC 2504 using the existing VLANs created in my network.

Scenario:

Once the user logs in to windows using his domain account the machine gets the relevant vlan IP from the NPS / Radius server.

Suppose:

IT VLAN is 10

Finance VLAN is 20

Marketing VLAN is 30

Guest VLAN is 50

If Finance user will log in to any machine using his log in account he will get in to VLAN 20 and the same for IT and Marketing and Guest.

I need the exactly same scenario for Wireless users once they log in using their windows account, they should get the relevant IP or VLAN subnet.

Thanks in well Adv.

Regards.

Francesco Molino · ‎01-26-2017

Hi

I assume that your WLAN are central switched and not local switched (flexconnect).

If I believe correctly, from your NPS, you need to push the attribute Airespace-Interface-Name.

The value of that attribute needs to match the exact name of the wlc interface referring the right vlan.

If it's not done, you need to trunk all vlan you want to use on the wlc and create the layer 3 interfaces for each vlan.

At a basic step you need to declare your NPS under the security tab for authentication and authorization. Then you need to attach this radius on the wlan configuration.

Thanks. Hope this is clear.

PS: Please don't forget to rate and mark as correct answer if this answered your question

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question