Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2369
Views
0
Helpful
4
Replies

802.1x Dynamic Vlan assignment using ACS

prasad.gsmc
Level 1
Level 1

‎04-07-2010 08:03 AM - edited ‎03-06-2019 10:30 AM

Hi,

I have the following scenario

2 bulidings with multiple floor

Each floor should be in different VLAN.

The network should be authenticated with 802.1x and each switch port should be assigned with dynamic VLAN from ACS.

Each user should be able to connect and roam around between any building. when ever a user is connecting his laptop to any floor, he should be made part of that respective vlan. It is not requred to have the same IP rage to be allocated, but the dynamic VLAN should be based on the switch port location.

Can I configure ACS in such a way that, the ACS will allocate dynamic VLAN for every 802.1x authentication  based on the Network Device Group. Please refer the attached diagram

Labels:
Preview file
32 KB
0 Helpful
4 Replies 4

Ganesh Hariharan
VIP Alumni
VIP Alumni

‎04-07-2010 10:26 PM 

Hi,
I have the following scenario
2 bulidings with multiple floor
Each floor should be in different VLAN. 
The network should be authenticated with 802.1x and each switch port should be assigned with dynamic VLAN from ACS. 
Each
user should be able to connect and roam around between any building.
when ever a user is connecting his laptop to any floor, he should be
made part of that respective vlan. It is not requred to have the same
IP rage to be allocated, but the dynamic VLAN should be based on the
switch port location.
Can
I configure ACS in such a way that, the ACS will allocate dynamic VLAN
for every 802.1x authentication  based on the Network Device Group.
Please refer the attached diagram

Hi,

Check out the below link for your requirement for dynamic vlan assignement using ACS

http://www.ciscosystems.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

0 Helpful

prasad.gsmc
Level 1
Level 1
In response to Ganesh Hariharan

‎04-07-2010 11:02 PM

thanks for the response but I am not able to find an answer on whether based on the Device group VLAN could be assigned or not. All doc says its based on user ID....

0 Helpful

Ganesh Hariharan
VIP Alumni
VIP Alumni
In response to prasad.gsmc

‎04-07-2010 11:10 PM 

thanks for the response but I am not able to find an answer on whether
based on the Device group VLAN could be assigned or not. All doc says
its based on user ID....

Hi Prasad,

If your query is the devices which are configured in ACS for authentication on that basis vlans are assigned,If yes this is not the way ACS works it actually is on the basis of userid only.Whenever a user plugs a cable to your switch port where you have configured 802.1x the radious packet rquest will send to acs then you will get reply in terms of username and password where userid will be given which is configured in ACS database or some external database which intergarated with ACS.If that matches the assignment of vlan will be done on userid basis only.Just an explanation for your query.

Hope to help !!

Ganesh.H

Remember to rate the helpful post

0 Helpful

naveen999
Level 1
Level 1
In response to Ganesh Hariharan

‎04-21-2015 05:44 AM

Hi,

I am trying the same scenario,kindly resend the link.Unable access the link...

 

 

Thanks & Regards,

Naveen A

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card