02-08-2017 10:38 PM - edited 07-05-2021 06:31 AM
Hi All,
We have SSID which assigned with multiple vlans, so when the users are accessing the wireless network through radius authentication , they will be assigned to any one of the VLAN to get network access. There is a new requirement to add two wireless devices in to the same specific vlan based on their mac address . After this change whenever these two wireless devices accessing the network they should be placed in the same vlan as well both wireless devices should communicate each other without any block.
Could you please anyone provide information on how to establish this setup?
02-08-2017 10:54 PM
Hi,
Yes via RADIUS-based MAC address authentication, this is easy.
you can do it by using client's MAC address and it will be in the Calling-Station-Id attribute.
Regards
Dont forget to rate helpful posts
02-08-2017 11:07 PM
Hi Sandeep,
Thanks for the reply, could you please provide the steps how to do it and any solution related to this case. I don't have much experience with wireless network.
02-08-2017 11:35 PM
are you using ISE as radius server ? or any other vendor ?
02-09-2017 12:45 AM
The radius server is managed by different team , i am getting the vendor details. in the mean time, are you saying this mac address based authentication can be done only on Radius server not in WLC. i thought it should be done in WLC. please let me know if any other changes to done on WLC
02-09-2017 12:53 AM
is this wlan used only for these two devices or for all other ?
How the wlan is setup ? 802.1x or ?
02-09-2017 12:59 AM
There are many users use this SSID to access corporate wireless network , we have 20 VLANs assigned to this SSID. The requester wants to use two wireless devices to use specific VLAN when accessing this. Moreover its using 802.1x authentication
02-09-2017 01:29 AM
ohk then you dont need to do anything on WLC. Just need to create new policies on RADIUS server.
example is attached(from ISE):
Test PCs
if
(Wireless_802.1X AND Radius:Calling-Station-ID EQUALS 78:44:7c:xx:xx:xx AND Radius:Called-Station-ID ENDS_WITH Test )
then
testLaptop
Regards
Dont forget to rate helpful posts
02-09-2017 02:09 AM
thank you very much,but in the example you have provided i don't the VLAN mentioned, then how it would join the specific vlan, please clarify. if you have implementation document will be great for understanding
02-26-2017 08:49 PM
Please refer the following links for deployment guide:
5520:
http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-1/5520-WLC-DG/b_Cisco-5520-WLC-deployment-guide.html
2500 :
http://www.cisco.com/c/en/us/support/docs/wireless/2500-series-wireless-controllers/113034-2500-deploy-guide-00.html
02-09-2017 02:30 AM
Hi Sandeep,
The radius server is Sun Oracle . Do you have any document or solution for this model. Or do we have any option to restrict in WLC level for this request, please suggest.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide