You would do all this configuration under Policy Elements > Authorization and Permissions > Network Access > Authorization Profiles. You would likely need a different profile for each vlan that you want returned. The VLAN is selected on the "Common Tasks" page of each profile:
Once you have profiles configured for each vlan you want to return, edit your Access Policies and return the appropriate Authorization Policy based on whatever criteria you want (external user groups, network devices, etc).
Many thanks for your reply and sorry for not coming back earlier. I had a problem with my provider and therefore was out of service for the last few days.
In the meantime I found the solution by myself :-)
May I ask you another question:
I Have another customer running a WLC 4402/ ACS 5.1 to connect MACs wireless to the network. He is running 2 SSIDS (CASSIOPEIA, POLLUX) to separate the VLANs (CASSIOPEIA = VLAN_ID 25 for students, POLLUX 0 VLAN_ID 26 for teachers).
Now we would like to separate teachers and students using 802.1x. I tried several configs but unfortunately none of them worked correctly.
Can you give me some hints and tipps how to configure this szenario on the WLC as well as on the ACS ?
I really appreciate your support and thanks very much in advance
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...