cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
347
Views
5
Helpful
1
Replies

Controller and VLANs

s.haqoun
Level 1
Level 1

Does the WLC and LWAP supports multiple VLANs on a single SSID, in other words, could I configure the WLC and the LWAP in a way so that I can join any VLAN in the network based on the authentication 802.1x

1 Reply 1

Rob Huffman
Hall of Fame
Hall of Fame

Hi Mohammad,

This is a fairly new addition to the WLC capabilities. Have a look;

Dynamic VLAN Assignment with RADIUS Server and Wireless LAN Controller Configuration Example;

In most WLAN systems, each WLAN has a static policy that applies to all clients associated with a Service Set Identifier (SSID), or WLAN in the controller terminology. Although powerful, this method has limitations because it requires clients to associate with different SSIDs in order to inherit different QoS and security policies.

However, the Cisco WLAN solution supports identity networking. This allows the network to advertise a single SSID, but allows specific users to inherit different QoS or security policies based on the user credential.

Dynamic VLAN assignment is one feature that places a wireless user into a specific VLAN based on the credentials supplied by the user. This task of assigning users to a specific VLAN is handled by a RADIUS authentication server, such as CiscoSecure ACS. This can be used, for example, to allow the wireless host to remain on the same VLAN as it moves within a campus network.

Therefore, when a client attempts to associate to a LAP registered with a controller, the LAP passes the credentials of the user to the RADIUS server for validation. Once the authentication is successful, the RADIUS server passes certain Internet Engineering Task Force (IETF) attributes to the user. These RADIUS attributes decide the VLAN ID that should be assigned to the wireless client. The SSID (WLAN, in terms of WLC) of the client does not matter because the user is always assigned to this predetermined VLAN ID.

From this good doc;

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml

Hope this helps!

Rob

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: