Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Dynamic VLAN Assignment with ACS 5.1 and Wireless LAN Controller

Hi,

     I would like to go for "Dynamic VLAN Assignment with ACS5.1 and Wireless LAN Controler". I want the AP to broadcast only 1 SSID. The  client find the SSID -> Input Credential > RADIUS Authentication > Assign user based on Group Policy.

I try to read the document below.

Dynamic VLAN Assignment with RADIUS Server and Wireless LAN Controller Configuration Example

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml#switch


Controller: Wireless Domain Services Configuration

http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801c951f.shtml

But it don't work on ACS 5.1. Please advice me about configuration on ACS 5.1.

Thanks,

2 REPLIES
Cisco Employee

Re: Dynamic VLAN Assignment with ACS 5.1 and Wireless LAN Contro

Hi,

From those documents, only the ACS 5.x part is slightly different, however the attributes present on the RADIUS Access-Accept are the same: 64,65,81.

The ACS 5.x has an easy way to achieve dynamic VLAN assignement where you only have to select an Authorization Profile and specify if you want to do VLAN assignment and what VLAN you want. The ACS will then use the needed RADIUS attributes.

Please take a look into the example screenshot attached.

HTH,

Tiago

--

If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

New Member

Re: Dynamic VLAN Assignment with ACS 5.1 and Wireless LAN Contro

Hi

     I try to debug with command "debug aaa event enable" on WLC that it show information below

*emWeb: Oct 27 02:35:02.992: 34:15:9e:8a:32:ce Override values for station 34:15:9e:8a:32:ce

                                                                                                source: 48, valid bits: 0x1

            qosLevel: -1, dscp: 0xffffffff, dot1pTag: 0xffffffff, sessionTimeout: -1

*emWeb: Oct 27 02:35:02.992: 34:15:9e:8a:32:ce Override values (cont..) dataAvgC: -1, rTAvgC: -1, dataBurstC: -1, rTimeBurstC: -1

                                                                                                                                    vlanIfName: '', aclName: ''

*emWeb: Oct 27 02:35:02.992: 34:15:9e:8a:32:ce Inserting new RADIUS override into chain for station 34:15:9e:8a:32:ce

*emWeb: Oct 27 02:35:02.993: 34:15:9e:8a:32:ce Override values for station 34:15:9e:8a:32:ce

                                                                                                source: 48, valid bits: 0x1

            qosLevel: -1, dscp: 0xffffffff, dot1pTag: 0xffffffff, sessionTimeout: -1

*emWeb: Oct 27 02:35:02.993: 34:15:9e:8a:32:ce Override values (cont..) dataAvgC: -1, rTAvgC: -1, dataBurstC: -1, rTimeBurstC: -1

                                                                                                                                    vlanIfName: '', aclName: ''

*emWeb: Oct 27 02:35:02.993: 34:15:9e:8a:32:ce Applying override policy from source Override Summation:

And I have some question.

1. Am I must config LEAP for this feature?

2. I cann't configure RADIUS(Airespace). Is it require for this feature?

Regard,

angerninta

1359
Views
0
Helpful
2
Replies
CreatePlease to create content