ehlers.kevin Tue, 12/01/2009 - 11:51
User Badges:

You can do that with AAA override.  We do this so we can quarantine users using the same ssid.  I think AAA override requires a RADIUS sever, but you might be able to configure it with the WLC user database.  I've never done that.  I've always used a radius server.  Our radius server runs a script that determines which vlan/interface to place clients into.


Are you looking to do this for load balancing, or do segregate clients for special purposes?  Because if you want to load balance, you can always to AP groups.


HTH,


-Kevin

ncharaipotra Tue, 12/01/2009 - 13:04
User Badges:

Kevin,


Thanks for the response.


I have one building that has 1600 users and I wanted to use multiple vlans just to know where my users were coming from.  Does that make sense?  What is best practice here...one vlan for the whole building?


Thanks,


Nick

ehlers.kevin Tue, 12/01/2009 - 13:26
User Badges:

Hi Nick,


I'm not sure about best practicies, but we split up the network based on the number of clients.  Each of our controllers gets a /21 (a bit large, but we're nat'ing everything and the WLCs have good broadcast supression).  We have two controllers (i.e. one WiSM) per quadrant. We're getting close to the limit in or reshalls.  We used to have a /20 for all of our wireless devices, but that got a bit problematic.  In your case, using ap groups with a different interfaces would probably work well.  I'd stick with sizing your vlans to whatever you're comfortable with.  Assign as many vlans/interfaces to AP Groups as necessary.  In our case, I feel that 2000 clients is about the max I want for a vlan.  So we will grow by adding more /21 vlans.  I wouldn't use a separate vlan for small buildings.  I'd clump those together.  It'd would be more work to maintain the ap groups list.


FWIW, we use WCS and search for the clients mac address or username to find out where they are.  We group our APs by quadrant to make user reported outages easier to trend, i.e. "the north west quadrant is having dhcp issues".


E.g.

Interfaces

Building 1    = vlan 10 (1600 clients)

Building 2    = vlan 20 (900 clients)

Everyone else = vlan 30 (~600 spread across 10 buildings)


ap groups

Building 1 => "my ssid" -> Building 1

Building 2 => "my ssid" -> Building 2

default    => "my ssid" -> Everyone else


-Kevin

Leo Laohoo Tue, 12/01/2009 - 13:02
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

1.  Go to each SSID (WLAN > Click on the SSID);
2.  In the General tab you have Interface drop-down menu; and
3.  Choose the Dynamic Interface you've configured.


Does this answer your question?

ncharaipotra Tue, 12/01/2009 - 13:15
User Badges:

Leo,


That would work if I was to use multiple ssid's. In my situation, I only wanted to use one ssid with multiple vlans.

Leo Laohoo Tue, 12/01/2009 - 14:37
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Whoopsie! 

weterry Tue, 12/01/2009 - 19:43
User Badges:
  • Silver, 250 points or more

Radius attributes could allow you to specify the interface, but it requires radius.


If you want to just split up the interfaces by AP (like location of AP), I suggest you look at AP Groups as ehlers.kevin mentioned.


With AP Groups, you can put all the APs on floor 1 in a group, and assign to interface 1.

You can put all the APs on floor 2 in group 2 and assign to interface 2.... etc...


So, if you want to assign the interface based on the AP the client is on, AP Groups would be a good option.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode