Feature Notes : When a new VLAN (which does not exist in the entire network) is created in the controller, it needs to be advertised in the entire network so that the clients getting associated to the VLAN can be routable. An alternate way is to enable ip nat inside for the new VLAN. However, any VIA client associated to the VLAN will not be routable until an ACL is added to the role in which the VIA clients fall.
Environment : This article applies to all controllers running OS versions 5.x or later running VIA.
Configuration Steps : Check the role in which the users fall using the following command.
Create an ACL add it to the respective user-role.
The same can be verified using the following command.