Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1442
Views
5
Helpful
7
Replies

FlexProfile_For_More_Than_16_Vlans

mouadmerfouk2021
Level 1
Level 1

‎10-22-2021 03:58 AM

Hello community,

 

I have an issue with cisco WLC 9800, for wireless users I have 50 vlans, the issue is that when I want to create a Flexprofile it's only support 16 Vlans, there's any solution for this issue.

 

 

 

Labels:
0 Helpful
7 Replies 7

marce1000
Hall of Fame
Hall of Fame

‎10-22-2021 04:22 AM

 

 - Ref : https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-3/config-guide/b_wl_17_3_cg/m_vewlc_flex_connect.html?bookSearch=true

 >....

  Guidelines and Restrictions for FlexConnect

  • FlexConnect mode can support only 16 VLANs per AP.

  Currently this must be considered as a design limit (not really an issue)

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

mouadmerfouk2021
Level 1
Level 1
In response to marce1000

‎10-22-2021 10:33 AM

We have one SSID with 8021x authentication via ISE, and this one is responsible for Vlan attribution to users based on AD groups, for this reason I want to know if all users VLAN's should be created on the flexprofile ??

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to mouadmerfouk2021

‎10-22-2021 11:36 AM

Yes you need to add the vlan ID to the FlexConnect group. This is the only way and AP will know of what vlans to use.
-Scott
*** Please rate helpful posts ***
0 Helpful

mouadmerfouk2021
Level 1
Level 1
In response to Scott Fella

‎10-23-2021 02:32 AM - edited ‎10-23-2021 02:33 AM

I have checked with a friend that have a design similar to our design, when I checked the flexprofile I only find 10 Vlans created on this flexprofile, but there's a lot some clients connected to a different vlans that are not created on this flex profile, and he tell me that the Cisco ISE is the responsible for VLANs attribution to users.

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to mouadmerfouk2021

‎10-23-2021 07:38 AM

ISE can send the vlan id, but if the ap doesn't know of that vlan id, then the traffic will be placed on the native vlan.  You need to define your ssid to vlan mapping and also identify all the vlan id's in the acl section.  

-Scott
*** Please rate helpful posts ***
0 Helpful

Scott Fella
Hall of Fame
Hall of Fame

‎10-22-2021 07:12 AM

You really need to assess if the design you currently have is valid moving forward.  Having 50 vlans for wireless users is not normal unless you are talking about multiple sites that don't use the same vlan id.  I think you need to provide more information and details so that we can understand what you currently have and what you are trying to accomplish in detail.

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card