Way to Ignore Dynamic VLAN using WPA2 on IOS AP and ACS?
I am trying to setup an IOS AP using 12.3(8)JEB1 to use WPA2 using ACS 4.0(1)Build 44. I am trying to use PEAP with MSCHAPv2.
The problem I am having is that the only way I can get the client to associate, is if I configure the the AP's SSID to be the same VLAN that is stated in the " Tunnel-Private-Group-ID" field of the group that the dynamic user is in.
When I configure the SSID to the VLAN it should be, the client never authenticates, even though the ACS server shows it as a "Passed Authentication".
When I do a "debug radius authentication", I get this message "%DOT11-4-NO_VLAN_ID: Vlan id 1100 from Radius server is not configured for station xxxx.xxxx.xxxx" (MAC address removed).
Is there a way to configure the AP to ignore the " Tunnel-Private-Group-ID" field?