I have a cisco wlc 5508 fixed at one of my remote head office and 3 (AIR-CAP3502I-E-K9) APs at remote branch office connect via flex connect mode (IPLC link).I have created a single SSID and added all three APs to that. What i want to know is, i got 4 different subnets in my LAN (branch office) and the authentication is done by the nps server in branch office, also there is a dhcp server which lease IP addresses to the client, how can I configure to lease the IP address for the correct subnet/VLAN base on the AD membership of the user? Because now it leases IP from the native VLAN which I have given on the WLC.If any one can help me on this,its great.
You would need to be running 7.2 code to take advantage of this feature. With 7.2, you define what VLAN that the FCAP has access to. Then from AAA return 64/65/81 attributes to set the VLAN.
------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Yeah, 7.2 added AAA Override, and ACL for FlexConnect.
HTH, Steve
------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Based on the group, and what attributes you return for the user. YOu can do forced vlan assignment/AAA Override via an AAA server.
Steve
HTH, Steve
------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Just like what Steve mentioned, you can send radius attributes back to the wlc to make vlan change, QoS and even session timeout. Just need to make sure AAA override is enabled on the WLAN.
