[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

dynamic VLAN not working with RADIUS

Posted on 2016-08-22
3
Medium Priority
?
122 Views
Last Modified: 2016-08-23
Hi Experts,

I have a RADIUS NPS running on Windows Server 2012, and have configured this to work with 802.1X wireless.

I've got to the point where a user needs to be in the relevant security group in AD in order to connect to the wireless network; so I know that authentication is working.

However I then proceeded to specify VLAN information in the Network Policy, as below, but when I connect a windows 7 laptop to this network, while being logged in as an authenticated user, this connects fine but does not use the VLAN I have specified.

Network Policy
VLAN 8 on our switches, has its own IP Helper Address, which points to an ADSL router on that VLAN... so this should then use a separate internet connection.. but it is not using VLAN 8 at all.. it continues to use a native VLAN 1 ... and the computer uses our corporate network internet connection.

Any tips?

thanks
Nathan
0
Comment
Question by:Nathan Lindley
  • 2
3 Comments
 
LVL 47

Expert Comment

by:Craig Beck
ID: 41765216
Is your WLC honouring the VLAN ID that the RADIUS is sending?  You need to tell the WLC to apply a VLAN ID that is dictated by RADIUS, rather than what you have set on the SSID.
0
 

Author Comment

by:Nathan Lindley
ID: 41765251
Hi Craig,

I am using a Cisco WAP4410N with 2.0.7.4 firmware. I am not too sure where I would specify this on here.. I'll attach some screenshots?

setup-advanced.PNG
wireless-connection-control.PNG
wireless-security.PNG
wireless-VLAN-and-QOS.PNG

Thanks
0
 
LVL 47

Accepted Solution

by:
Craig Beck earned 2000 total points
ID: 41766810
Hmm, so unfortunately the WAP4410N doesn't support dVLAN assignment.  It's a small-business AP so Cisco kindly restricted its feature-set. :-(
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Measuring Server's processing rate with a simple powershell command. The differences in processing rate also was recorded in different use-cases, when a server in free and busy states.
In this article, the configuration steps in Zabbix to monitor devices via SNMP will be discussed with some real examples on Cisco Router/Switch, Catalyst Switch, NAS Synology device.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question