Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

dynamic VLAN not working with RADIUS

Posted on 2016-08-22
3
Medium Priority
?
106 Views
Last Modified: 2016-08-23
Hi Experts,

I have a RADIUS NPS running on Windows Server 2012, and have configured this to work with 802.1X wireless.

I've got to the point where a user needs to be in the relevant security group in AD in order to connect to the wireless network; so I know that authentication is working.

However I then proceeded to specify VLAN information in the Network Policy, as below, but when I connect a windows 7 laptop to this network, while being logged in as an authenticated user, this connects fine but does not use the VLAN I have specified.

Network Policy
VLAN 8 on our switches, has its own IP Helper Address, which points to an ADSL router on that VLAN... so this should then use a separate internet connection.. but it is not using VLAN 8 at all.. it continues to use a native VLAN 1 ... and the computer uses our corporate network internet connection.

Any tips?

thanks
Nathan
0
Comment
Question by:Nathan Lindley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 47

Expert Comment

by:Craig Beck
ID: 41765216
Is your WLC honouring the VLAN ID that the RADIUS is sending?  You need to tell the WLC to apply a VLAN ID that is dictated by RADIUS, rather than what you have set on the SSID.
0
 

Author Comment

by:Nathan Lindley
ID: 41765251
Hi Craig,

I am using a Cisco WAP4410N with 2.0.7.4 firmware. I am not too sure where I would specify this on here.. I'll attach some screenshots?

setup-advanced.PNG
wireless-connection-control.PNG
wireless-security.PNG
wireless-VLAN-and-QOS.PNG

Thanks
0
 
LVL 47

Accepted Solution

by:
Craig Beck earned 2000 total points
ID: 41766810
Hmm, so unfortunately the WAP4410N doesn't support dVLAN assignment.  It's a small-business AP so Cisco kindly restricted its feature-set. :-(
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question