We want to configurate Some vlans(vlan2-accounting department,, vlan3-helpdeks,,vlan4-sales,vlan5-security,vlan6--Engineer) for wireless users but use only one SSID for example name Corparate. WLC authenticate with Cisco ISE devices for wireless users. In ISE use external database Active Directory(AD). When accounting department employees connect Corporate SSID the wlc or ise assign it appropriate vlan. How I configure this topology? please provide me any documentation.
Your answer above is really helpful. But I would like to ask how the single SSID with multiple VLANs configured in WLC. Would you have to create separate dynamic interfaces for each VLAN, create an Interface group, then assign the SSID to the interface group or would you use the management interface and the switch does the vlan assignment based on the VLAN tag from the AAA override.
In most WLAN systems, each WLAN has a static policy that applies to all clients associated with a Service Set Identifier (SSID), or WLAN in the controller terminology. Although powerful, this method has limitations because it requires clients to associate with different SSIDs in order to inherit different QoS and security policies.
However, the Cisco WLAN solution supports identity networking. This allows the network to advertise a single SSID, but allows specific users to inherit different QoS or security policies based on the user credential.
Dynamic VLAN assignment is one such feature that places a wireless user into a specific VLAN based on the credentials supplied by the user. This task of assigning users to a specific VLAN is handled by a RADIUS authentication server, such as CiscoSecure ACS. This can be used, for example, to allow the wireless host to remain on the same VLAN as it moves within a campus network.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :