09-19-2013 12:42 AM
Not sure why you would want to do this, but you just create an SSID profile for each SSID and apply it to a Virtual-AP profile. In the Virtual-AP profile you can define the VLAN the clients are placed on.
The Aruba User Guide covers this in detail.
ACDX #98 | ACMP | ACCP
09-19-2013 01:16 AM
Normally you don't want to create an SSID per VLAN. Using ArubaOS, you can create an "employee" SSID and have the VLAN assigned dynamically based on the user connecting to the SSID (i.e. Markteting employee gets VLAN 100, Engineering gets VLAN 200 and so on).
Also please have a look at the Campus Validated Reference Guide for more information: http://www.arubanetworks.com/technology/reference-design-guides/#Campus
09-19-2013 02:39 AM
actually i have three department HR, Technical and marketing and all the pc have wireless connectivity i want that HR get ip from 192.168.1.0/24, Technical get ip from 192.168.2.0/24 and marketing get ip from 192.168.3.0/24
please reply as soon as possible
09-19-2013 02:54 AM
Use 1 SSID with 802.1x authentication using RADIUS against user directory (e.g. Active Directory). Have rules on the RADIUS server which send back a RADIUS attribute based on the group the user belongs to. From this a specific VLAN can be applied.
If you read the user guide and VRD on campus networks you should get an idea how to implement 802.1x.
ACDX #98 | ACMP | ACCP
09-19-2013 04:16 AM
Please forgive me in advance but this is a bad idea. You can accomplish what you want via role based access with usernames and passwords for a SINGLE ssid. If you don't want to use RADIUS and 802.1x that's fine...you can use our internal DB for user accounts if you want.
By having multiple and unneeded SSIDs, you are using more of the shared airtime for just broadcasting and beaconing those SSIDs. This will take away airtime for actual client data. I understand you want to have multiple subnets per functinoal department. That can also be done on a single SSID. In each role you would assign, you can specify a VLAN ID.
So...in your scenario, it would be the following:
1. A Single SSID
2. Using AD or RADIUS for backend role based derivation OR use our internal DB for each user or department
3. Create roles based on the functional groups and assign the VLAN ID in that role.
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos