Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

cisco WLC 5508

Hi Guys,

I have a cisco wlc 5508 fixed at one of my remote head office and 3 (AIR-CAP3502I-E-K9) APs at remote branch office connect via flex connect mode (IPLC link).I have created a single SSID and added all three APs to that. What i want to know is, i got 4 different subnets in my LAN (branch office) and the authentication is done by the nps server in branch office, also there is a dhcp server which lease IP addresses to the client, how can I configure to lease the IP address for the correct subnet/VLAN base on the AD membership of the user? Because now it leases IP from the native VLAN which I have given on the WLC.If any one can help me on this,its great.

BR

Jana

13 REPLIES

Re: cisco WLC 5508

You would need to be running 7.2 code to take advantage of this feature. With 7.2, you define what VLAN that the FCAP has access to.  Then from AAA return 64/65/81 attributes to set the VLAN.

http://www.cisco.com/en/US/docs/wireless/controller/7.2/configuration/guide/cg_flexconnect.html#wp1247954

Steve

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Hall of Fame Super Silver

Re: cisco WLC 5508

Didn't know that was possible, but I guess in 7.2:)

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Re: cisco WLC 5508

Yeah, 7.2 added AAA Override, and ACL for FlexConnect.

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Hall of Fame Super Silver

Re: cisco WLC 5508

I'm going to have to test that out to see how well it works:)

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***
Hall of Fame Super Silver

Re: cisco WLC 5508

Vlan changing on FlexConnect APs are not supported. Only when an ap is in local mode can you force the wlc to change the vlan.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

cisco WLC 5508

Even when the WLC is in the local mode, how can you push the vlan information when the user is in AD.

Thanks

NikhiL

cisco WLC 5508

Based on the group, and what attributes you return for the user.  YOu can do forced vlan assignment/AAA Override via an AAA server.

Steve

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Hall of Fame Super Silver

Re: cisco WLC 5508

Just like what Steve mentioned, you can send radius attributes back to the wlc to make vlan change, QoS and even session timeout. Just need to make sure AAA override is enabled on the WLAN.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Re: cisco WLC 5508

I was wondering how to do it when the user is not there in ACS. With the Groups getting mapped to Authentication Profile, it is cool

Hall of Fame Super Silver

Re: cisco WLC 5508

You can also use radius sequence to first look at AD then internal ACS group too.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***
New Member

cisco WLC 5508

Hi Guys,

Thank you for the reply.Ya my WLC is 7.2

Hi

Scott Fella  did you test this ?? did it work?

BR

Jana

Hall of Fame Super Silver

Re: cisco WLC 5508

I did not test this out yet. I might be able to today.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
New Member

cisco WLC 5508

Hi scott fella,

Ok great,please let me know your out come.

BR

Jana.

655
Views
0
Helpful
13
Replies
CreatePlease to create content