<Environment>

(1)Controller: Catalyst 9800

(2)Access Point: Catalyst 9115AX [Flex Mode]

(3)Desired Wireless User VLAN ID：

->VLAN10 for Employee

->VLAN20 for Guest

(4)WLAN profile

->Employee: Employee-WLAN

SSID: Employee-SSID

->Guest: Guest-WLAN

SSID: Guest-SSID

(5)Policy profile

->Employee: Employee-policy->Access Policies->VLAN/VLAN Group->VLAN001[vlan name not vlan id,not exist in WLC]

->Guest: Guest-policy->Access Policies->VLAN/VLAN Group->VLAN002[vlan name not vlan id,not exist in WLC]

(6)Policy Tag

Name: HQ-Policy-Tag

Mapping:

Employee-WLAN＜—＞Employee-policy

Guest-WLAN＜—＞Guest-policy

(7)Flex profile

Name: HQ-Flex

General->Native VLAN ID->1

VLAN->VLAN name->VLAN0010

VLAN->VLAN id->10

VLAN->VLAN name->VLAN0020

VLAN->VLAN id->20

Query:

How does AP distinguish which SSID mapping to which User VLAN when a wireless user connects Employee-SSID or Guest-SSID?

Vlan 10 and 20 have been configured only in one Flex profile and Controller, but there is no vlan information in the WLAN profile mapping to specified SSID.