How can I set up 3 different VLANs on Cisco 5508

Unanswered Question
Aug 28th, 2013
User Badges:

Dear  Community Members,

  I have a need to setup three (3) VLANs with different SSID's for students , staff and visitors in a  College.

The controller is Cisco 5508  with Cisco 3502E-E-K9 AP

presently the wireless  network is flat with just one VLAN 


Staff would log in using active directory user name and password.

Student would log in using username and Registration number  Possibly using RADIUS SERVER

How best can i achieve this.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Scott Fella Wed, 08/28/2013 - 06:36
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

If you have a flat network you can't segregate the traffic.  You can create the SSID's you have listed, but they will be mapped to the vlan everything is on.  If you are using AD and want to authenticate with that, then I suggest you also have a radius server and you need to also use 802.1x.  Devices that connect need to support 802.1x.  I don't know what devices you have nor what it can or can't support, but in an ideal environment, all your staff laptops are joined to the domain so you can push out the wireless GPO.  Students and Guest, well that depends on what you want to do with them.  Students are also in AD, but you will need to supply instructions on how they would setup their devices to connect. if you plan on using 802.1x.

Might be best to talk to your local SE to help plan what you need to do.  Typically we would sit with a customer for a couple hours or a day to gather information to determine the best setup.



Help out other by using the rating system and marking answered questions as "Answered"

kaaftab Fri, 08/30/2013 - 14:24
User Badges:
  • Silver, 250 points or more

Scenes  you are using single vlan so the point of have multiple SSID is useless  and the better approach will be using the AD for both authentication  and managing the Group policy for both. In this way you can manage both  students and Staff Kindly see the following link for step by step config  and understand Group policy

Server 2008/2012


cisco document server 2003  (another explaining in detail the flow)




This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode