cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
207
Views
0
Helpful
3
Replies
Beginner

wlc2504 Dynamic VLAN Assignment

I installed DHCP, Radius in Ubuntu to configure Dynamic VLAN Assignment.

I can get DHCP and log in as Radius.

 

I want to use several VLANs for one SSID.
But I can't.

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-vlan/71683-dynamicvlan-config.html

I saw it and I followed it.
but Only management IP network has been Assignment
What is the problem?
I think it's a WLAN or AP setting problem. Help me.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: wlc2504 Dynamic VLAN Assignment

Hi,

 

Do you want to use VLAN assignment based on the AD group or based on the switch  and AP location ?

 

With Ubuntu free Radius, I have not seen any validated design to assign the VLAN based on the AD group membership. The VLAN assignment will be pushed from Radius server which seems to be not supported when using Ubuntu Radius. You can still use users authentication through it.

 

If you want to have different VLAN based on the AP location, then we can do the configuration from WLC. You need to configure AP-Groups and interfaces on WLC. Have a look on below:

 

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-vlan/71477-ap-group-vlans-wlc.html

 

Just a note, singe VLAN with big subnet is enough for a SSID unless you want to have Dynamic VLAN'S based on user role. With wireless, we dont have that broadcast issues that we have with wired Network so for most of deployment, we are okay with singe VLAN.

 

 

View solution in original post

3 REPLIES 3
Highlighted
VIP Advisor

Re: wlc2504 Dynamic VLAN Assignment

Hope you have different VLAN for users ?

BB
*** Rate All Helpful Responses ***
Highlighted

Re: wlc2504 Dynamic VLAN Assignment

Hi,

 

Do you want to use VLAN assignment based on the AD group or based on the switch  and AP location ?

 

With Ubuntu free Radius, I have not seen any validated design to assign the VLAN based on the AD group membership. The VLAN assignment will be pushed from Radius server which seems to be not supported when using Ubuntu Radius. You can still use users authentication through it.

 

If you want to have different VLAN based on the AP location, then we can do the configuration from WLC. You need to configure AP-Groups and interfaces on WLC. Have a look on below:

 

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-vlan/71477-ap-group-vlans-wlc.html

 

Just a note, singe VLAN with big subnet is enough for a SSID unless you want to have Dynamic VLAN'S based on user role. With wireless, we dont have that broadcast issues that we have with wired Network so for most of deployment, we are okay with singe VLAN.

 

 

View solution in original post

Highlighted
Hall of Fame Master

Re: wlc2504 Dynamic VLAN Assignment

You sure you are setting up the correct attributes? That doc was for ACS and Ubuntu radius might be different. What does the radius server logs show, accept or rejected? Make sure aaa override is enabled on the wlan.
-Scott
*** Please rate helpful posts ***
CreatePlease to create content
Content for Community-Ad

August's Community Spotlight Awards