I have 2 user groups (Staffs and Students) on Windows AD and I created 2 WLANs using Cisco ACS to authenticate users. I want Staffs access wlan STAFF, Students access wlan STUDENT respectively; Staffs are not allowed accessing wlan STUDENT and vice versa but I can't find in ACS or WCL to do that. Pls help me!
By default two WLANs are not allowed to communicate on WLC. You will have to configure WLAN and map it to specific VLAN. Have a look at the following example. But if you want to restrict the communcation between WLANs don't configure sub-interfaces on the router. Let Router's ethernet interface be in the same subnet as the Management IP of WLC.