Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
2223
Views
0
Helpful
6
Replies

WLC-5508 dynamic vlan assignment by radius

Go to solution
tllewell55
Level 1
Level 1

ā€Ž08-24-2020 07:57 AM - edited ā€Ž07-05-2021 12:26 PM

The docs on 5508 controllers say radius can assign vlans by vlan ID (see https://community.cisco.com/legacyfs/online/legacy/3/3/0/55033-AAA-overide-ACS52.pdf). Radius servers actually return a string, and the vlans are all associated with an interface name, so I'd rather use the name, like you can with cisco's ethernet switches (by using the vlan name). Does the software allow this? We're on 8.5.140.0.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
patoberli
VIP Alumni
VIP Alumni
In response to tllewell55

ā€Ž08-24-2020 10:31 AM

I solved this by using site aware policies, for example calling station id or ip address of the ap.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
patoberli
VIP Alumni
VIP Alumni

ā€Ž08-24-2020 08:53 AM

I've never tested it, but the guides clearly recommend you should use the number:
https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/99121-vlan-acs-ad-config.html#anc5
They also reason why this is the case.
You can of course test it, by setting the ID/Name to the name of the virtual interface.
0 Helpful

Go to solution
tllewell55
Level 1
Level 1
In response to patoberli

ā€Ž08-24-2020 09:01 AM

If you can use the name, you can provision clients who move from one environment to another. VLAN numbers are less portable due to the way our environment has been built (not because they are less portable in theory). And yes, I could test, probably will, but if it's not possible how do I know if something isn't quite right or I'm trying something that just doesn't work?

 

Thanks,

Ted

0 Helpful

Go to solution
patoberli
VIP Alumni
VIP Alumni
In response to tllewell55

ā€Ž08-24-2020 10:31 AM

I solved this by using site aware policies, for example calling station id or ip address of the ap.
0 Helpful

Go to solution
tllewell55
Level 1
Level 1
In response to patoberli

ā€Ž08-24-2020 11:19 AM

Kind of what I've been trying to avoid, since it would mean programming in VLAN information for a bunch of stuff that are  not WLCs to account for the fact that the WLCs won't do names. Probably have to code it in a way that will use the name for the bulk of the devices and will use a vlan-id for the smaller set of devices that have to have the number. Thanks.

0 Helpful

Go to solution
tllewell55
Level 1
Level 1
In response to patoberli

ā€Ž08-24-2020 01:07 PM

Cool, thanks. That does look promising.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card