04-14-2008 08:10 PM - edited 07-03-2021 03:43 PM
I have a Cisco LWAPP setup with a WLC and an ACS server. In the ACS I have two user groups provisioned. At the WLC, I have 1 SSID each for these two groups.
The target is to get each user in the specified group, e.g. group 1, into VLAN 1. The same goes for group 2 and VLAN 2.
Right now, everyone can log on to any SSID using a username from any group. We are using the web-auth method.
Any idea on how to restrict the users in a specific group to a specific VLAN?
04-14-2008 09:26 PM
Although Cisco's Identity Network can allocate a different VLAN according to username, it doesn't support web-auth; it only supports MAC filtering, 802.1X, and WPA at this moment. So if you have to use web-auth, the answer is no. If you can change it to another method such as 802.1X, you can do it by configuring the following tunnel attributes in ACS:
⢠Tunnel-Type=VLAN (13)
⢠Tunnel-Medium-Type=802
⢠Tunnel-Private-Group-ID=VLANID
04-14-2008 11:45 PM
Yes, right.
I did that, but it doesn't seem to work when authed using web-auth. Changing to another security method is not an option right now, as web-auth is more presentable to end users and less hassle for connecting to the network itself.