cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco Community Designated VIP Class of 2020

770
Views
0
Helpful
10
Replies
Beginner

VLAN assignment to the wireless device based on mac-address

Hi All,

We have SSID which assigned with multiple vlans, so when the users are accessing the wireless network through radius authentication , they will be assigned to any one of the VLAN to get network access. There is a new requirement to add two wireless devices in to the same specific vlan based on their mac address . After this change whenever these two wireless devices accessing the network they should be placed in the same vlan as well both wireless devices should communicate each other without any block.

Could you please anyone provide information on how to establish this setup?

Everyone's tags (3)
10 REPLIES 10
VIP Mentor

Hi,

Hi,

Yes via RADIUS-based MAC address authentication, this is easy.

you can do it by using client's MAC address and it will be in the Calling-Station-Id attribute.

Regards

Dont forget to rate helpful posts

Beginner

Hi Sandeep,

Hi Sandeep,

Thanks for the reply, could you please provide the steps how to do it and any solution related to this case. I don't have much experience with wireless network.

VIP Mentor

are you using ISE as radius

are you using ISE as radius server ? or any other vendor ?

Beginner

The radius server is managed

The radius server is managed by different team , i am getting the vendor details. in the mean time, are you saying this mac address based authentication can be done only on Radius server not in WLC. i thought it should be done in WLC. please let me know if any other changes to done on WLC

VIP Mentor

is this wlan used only for

is this wlan used only for these two devices or for all  other ?

How the wlan is setup ? 802.1x or ?

Beginner

There are many users use this

There are many users use this SSID to access corporate wireless network , we have 20 VLANs assigned to this SSID. The requester wants to use two wireless devices to use specific VLAN when accessing this. Moreover its using 802.1x authentication 

VIP Mentor

ohk then you dont need to do

ohk then you dont need to do anything on WLC. Just need to create new policies on RADIUS server.

example is attached(from ISE):

Test PCs     

if

(Wireless_802.1X AND Radius:Calling-Station-ID EQUALS 78:44:7c:xx:xx:xx AND Radius:Called-Station-ID ENDS_WITH Test )

then

testLaptop

Regards

Dont forget to rate helpful posts

Beginner

thank you very much, i will

thank you very much,but in the example you have provided i don't the VLAN mentioned, then how it would join the specific vlan, please clarify. if you have implementation document will be great for understanding

Highlighted
Beginner

Please refer the following

Please refer the following links for deployment guide:

5520:

http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-1/5520-WLC-DG/b_Cisco-5520-WLC-deployment-guide.html

2500 :

http://www.cisco.com/c/en/us/support/docs/wireless/2500-series-wireless-controllers/113034-2500-deploy-guide-00.html

Beginner

Hi Sandeep, 

Hi Sandeep, 

The radius server is Sun Oracle . Do you have any document or solution for this model. Or do we have any option to restrict in WLC level for this request, please suggest.

CreatePlease to create content
Content for Community-Ad

August's Community Spotlight Awards