Main Nav

Message from matt.ashfield@nbcc.ca

HI All

 

We are trying to get dynamic vlan assignment using Cisco FlexConnect Local switching. I’m wondering if anyone can provide any insight into this. Feel free to contact me off-list if you don’t want to post here.

 

Our setup:

Radius Server: Windows 2008, but also have a Cisco ACS server we’ve tried

WLC version: 7.20.235

AP: 3500 series

 

We have flexconnect configured on the WLC. We have the AP plugged into a switch port with 3 vlans (30,31,32 for sake of example) trunked between switch and AP. We can get an endpoint to authenticate, but when they are connected, they are put in the Native vlan (in this case, vlan 30). We do not seem to be able to get the AAA override part of this working, whereby the Radius server would send attributes to the AP to tell it what vlan to put the user device into.

 

We have got had dynamic vlan assignment working without using FlexConnect (ie, data traffic tunneled back to the controller instead of locally switched), but seem to be missing something in this scenario.


Any info/advice you can provide is appreciated.

 

Thanks

 

Matt

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Comments

Message from curtis.k.larsen@utah.edu

I tested this about a year ago. I don't believe you can do it. AAA Override is currently not supported with H-REAP. I think Cisco may be adding it in newer code versions, but I do not think the feature currently exists. I tried with FreeRADIUS, WISM1, and 1140 series AP in HREAP mode. I believe it is a known caveat. Let me know if you find otherwise. I will see if I can dig up notes from when I tried this last. Thanks, Curtis Larsen University of Utah Wireless Network Engineer On 06/21/2012 12:33 PM, Ashfield, Matt (NBCC) wrote: > HI All > > We are trying to get dynamic vlan assignment using Cisco FlexConnect > Local switching. I'm wondering if anyone can provide any insight into > this. Feel free to contact me off-list if you don't want to post > here. > > Our setup: Radius Server: Windows 2008, but also have a Cisco ACS > server we've tried WLC version: 7.20.235 AP: 3500 series > > We have flexconnect configured on the WLC. We have the AP plugged > into a switch port with 3 vlans (30,31,32 for sake of example) > trunked between switch and AP. We can get an endpoint to > authenticate, but when they are connected, they are put in the Native > vlan (in this case, vlan 30). We do not seem to be able to get the > AAA override part of this working, whereby the Radius server would > send attributes to the AP to tell it what vlan to put the user device > into. > > We have got had dynamic vlan assignment working without using > FlexConnect (ie, data traffic tunneled back to the controller instead > of locally switched), but seem to be missing something in this > scenario. > > Any info/advice you can provide is appreciated. > > Thanks > > Matt > > ********** Participation and subscription information for this > EDUCAUSE Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
Message from daniel@fnutt.net

Message from daniel@fnutt.net

Close
Close


Annual Conference
September 29–October 2
Register Now!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.