Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
547
Views
0
Helpful
3
Replies

RADIUS-assigned VLANs are not supported when you enable multiple BSSIDs

mikedelafield
Level 1
Level 1

‎05-14-2009 12:48 AM - edited ‎07-03-2021 05:36 PM

Could someone please tell me is this 100% correct?

"RADIUS-assigned VLANs are not supported when you enable multiple BSSIDs"

Any ideas why? Does anyone have a way around this?

As a workaround I was thinking of setting up one broadcast SSID for guests and one non-broadcast SSID for RADIUS assigned VLANs, however i'd prefer to have both broadcast due to numerous Vista and PDA connection issues.

Labels:
0 Helpful
3 Replies 3

patoberli
VIP Alumni
VIP Alumni

‎05-14-2009 12:59 AM

Hi,

here, on a Wlan Controller 4.2 based solution, is that Radius feature working.

It's important that you select the option "Allow AAA Override" in the SSID.

And on the Radius you need to set:

[064] Tunnel-Type

Tag 1 Value VLAN

[065] Tunnel-Medium-Type

Tag 1 Value 802

[081] Tunnel-Private-Group-ID

Tag 1 Value [the number of the VLAN]

Then you could even use the same SSID to assign the users into different VLANs ;)

But you need to have all VLANs configured as a virtual interface.

-

Patrick

0 Helpful

mikedelafield
Level 1
Level 1
In response to patoberli

‎05-14-2009 11:45 PM

Hi.

Thanks for your reply.

That is what I would like to do; have one SSID and assign the users to different VLANs based on policy.

I have all the VLANs and subinterfaces set up correctly and working independently, but the VLAN assigment does not seem to work correctly.

If I do a "show dot11 association all-client" the RADIUS attribute appears to have altered the VLAN, but the device has no connectivity and cannot DHCP.

This is with 1130AG in autonomous mode and Microsoft IAS as RADIUS.

Apparently there may be a problem with mbssid and RADIUS assigned VLANs.

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to mikedelafield

‎05-15-2009 12:23 AM

I forget to add, I have all VLANs also as it's own SSID. This whole Radius assignement is more a protection issue in case the person tries to assign to the "wrong" ssid. But I do spread, in my case 4 VLans, all VLans also in their own SSID (3 of them hidden, one for the masses, public). Maybe you need to do that too.

Patrick

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card