Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
869
Views
5
Helpful
1
Replies

More than 2 vlans created in Flex Profile

Go to solution
dawnccier
Level 1
Level 1

‎11-03-2021 05:17 AM - edited ‎11-03-2021 05:34 AM

<Environment>

(1)Controller: Catalyst 9800

(2)Access Point: Catalyst 9115AX [Flex Mode]

(3)Desired Wireless User VLAN ID:

->VLAN10 for Employee

->VLAN20 for Guest

(4)WLAN profile

->Employee: Employee-WLAN

SSID: Employee-SSID

->Guest: Guest-WLAN

SSID: Guest-SSID

(5)Policy profile

->Employee: Employee-policy->Access Policies->VLAN/VLAN Group->VLAN001[vlan name not vlan id,not exist in WLC]

->Guest: Guest-policy->Access Policies->VLAN/VLAN Group->VLAN002[vlan name not vlan id,not exist in WLC]

(6)Policy Tag

Name: HQ-Policy-Tag

Mapping:

Employee-WLAN<—>Employee-policy

Guest-WLAN<—>Guest-policy

(7)Flex profile

Name: HQ-Flex

General->Native VLAN ID->1

VLAN->VLAN name->VLAN0010

VLAN->VLAN id->10

VLAN->VLAN name->VLAN0020

VLAN->VLAN id->20

 

 

Query:

How does AP distinguish which SSID mapping to which User VLAN when a wireless user connects Employee-SSID or Guest-SSID?

Vlan 10 and 20 have been configured only in one Flex profile and Controller, but there is no vlan information in the WLAN profile mapping to specified SSID.

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Arshad Safrulla
VIP Alumni
VIP Alumni

‎11-03-2021 06:18 AM

VLAN is mapped to the Policy profile. Then at the policy tag you map the SSID to policy profile which contains the VLAN ID for that. You need to configure the VLAN ID (not name) under the policy profile, if not it will not work.

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla

View solution in original post

1 Reply 1

Go to solution
Arshad Safrulla
VIP Alumni
VIP Alumni

‎11-03-2021 06:18 AM

VLAN is mapped to the Policy profile. Then at the policy tag you map the SSID to policy profile which contains the VLAN ID for that. You need to configure the VLAN ID (not name) under the policy profile, if not it will not work.

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card