02-07-2020 06:53 AM - edited 07-05-2021 11:40 AM
Hello,
I have configured dynamic VLAN assignment on a 5520 WLC using RADIUS authentication with a Microsoft NPS. This works perfectly with Layer 2 802.1x. configured on a WLAN.
Can I configure AAA override to work when using Layer 3 web authentication? I essentially want the WLAN to try for local authentication and then try radius. The authentication works as I would expect but the VLAN does not get assigned. When I think about it being layer 3, I'm assuming the client will already be in the network of the WLAN interface, therefor an ACL would be a better way to handle this?
I am a mere CCNA R&S, so any help would be massively appreciated.
Solved! Go to Solution.
02-07-2020 07:11 AM
Dynamic VLAN assignment does not work for web authentication from a WLC. So you need to find a way ?
ACL - depends on requirement here.
02-07-2020 07:11 AM
Dynamic VLAN assignment does not work for web authentication from a WLC. So you need to find a way ?
ACL - depends on requirement here.
02-07-2020 07:25 AM
@balaji.bandi wrote:Dynamic VLAN assignment does not work for web authentication from a WLC. So you need to find a way ?
ACL - depends on requirement here.
Happy with that, I suspected it wouldn't I just wanted to know for sure!
Thanks @balaji.bandi
03-01-2020 10:21 PM
This could be something to look forward to. On the Catalyst 9800 IOS-XE 17.1 release, VLAN Override on Layer 3 Web Authentication is available.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide