Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
890
Views
0
Helpful
5
Replies

Multiple Security Profiles (SSIDs/Vlans) or Single SSIDs and Vlans

msmarziali
Level 1
Level 1

‎07-05-2019 04:56 PM - edited ‎07-05-2021 10:40 AM

Hi All,

 

We have configured an acces points Aironet 1850i with image mobility express.

In my network i have 4 vlans.

The access point is connected to the switch with a trunk connection for all vlans.

We have configured radius authentication for all SSIDs: we have created a SSID (tagged) for each vlan.

In total now i have 4 SSID.

 

It is possible to have a configuration with a single SSID and then based on user authentication (if a member of a group) assign the vlanid ?

Which is the safest configuration?

 

Thank you in advance.

 

 

Labels:
0 Helpful
5 Replies 5

Francesco Molino
VIP Alumni
VIP Alumni

‎07-05-2019 09:05 PM

Hi

Yes you can have only 1 ssid and then based on user authentication, you can push them into a vlan. If you're in a flexconnect mode then you can assign a vlan. If you're in local mode (centralized mode), you can assign a radius attribute Airespace:Airespace-Interface-Name. This interface must be defined into your wlc.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

msmarziali
Level 1
Level 1
In response to Francesco Molino

‎07-07-2019 06:58 AM

Hi, we have not a wlc.

We use an aironet 1650i for wlc role.

We setup aironet by web wizard, but no find any reference to setup one ssid for multiple VLAN  and assign correct VLAN by NPS.

Is possible configure via web?

Web interfacce permit create WLAN(ssid) and assign a tag for VLAN, so we create multiple ssid that correspond to vlans.

 

Any reference?

Thanks a lot  for precious support.

 

 

 

0 Helpful

msmarziali
Level 1
Level 1
In response to Francesco Molino

‎07-07-2019 06:59 AM

Hi, we have not a wlc.

We use an aironet 1650i for wlc role.

We setup aironet by web wizard, but no find any reference to setup one ssid for multiple VLAN  and assign correct VLAN by NPS.

Is possible configure via web?

Web interfacce permit create WLAN(ssid) and assign a tag for VLAN, so we create multiple ssid that correspond to vlans.

 

Any reference?

Thanks a lot  for precious support.

0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to msmarziali

‎07-07-2019 07:42 PM

Here a documentation showing how to do vlan assignment on an autonomous AP:
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/116581-configure-dynamicvlan-00.html

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Sathiyanarayanan Ravindran
Spotlight
Spotlight

‎07-06-2019 09:08 PM

Hi @msmarziali ,

 

Yes, You can assign VLAN via radius server based on the user group. Please refer the below links for ACS and NPS.

 

Dynamic Authorization using NPS on Cisco WLC

Dynamic Authorization using ACS on Cisco WLC

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card