Controller-less WLANs

How to configure and verify VLAN derivation for Instant AP (IAP) wired clients?

by on ‎07-03-2014 07:17 PM

This article explains a new feature introduced in IAP OS version 6.2.1.0-3.3.0.0 wherein, we can now configure VLAN derivation for wired clients on IAPs. Prior to this version VLAN derivation for wired clients was not supported.

 

All the sample outputs in this article have been tested on IAP 105 running 6.2.1.0-3.3.0.0.

 

 

Environment : This article applies to all the IAPs running a minimum OS version of 6.2.1.0-3.3.0.0.

 

Through WebUI:

  1. Create a Wired profile with “Employee” Network by navigating to “More” on top right of the WebUI and select “wired”.

rtaImage.png

 

rtaImage (1).png

 

2. Select the “Client IP assignment” as Network assigned. The VLAN derivation rule will appear at the bottom. Create a new rule.

 

rtaImage (2).png

 

3. Choose an authentication method between mac authentication and 802.1x authentication and choose the authentication server as an external Radius server.

 

 

rtaImage (3).png

 

4. Complete the remaining wired profile configuration as per the requirement.

 

Through CLI:

wired-port-profile <Profile name>
   switchport-mode trunk| Access
   allowed-vlan <vlan IDs>
   native-vlan <VLAN ID>
   no shutdown
   access-rule-name <rule-name>
   speed auto
   duplex auto
   poe
   type employee
   auth-server <external server name>
   captive-portal disable
   dot1x
set-vlan AP-Group  equals Aruba 99
wlan access-rule permitall
rule any any match any any any permit

 

To verify and troubleshoot:

show clients wired debug” can display the content of wired client including the VLAN assigned.
show datapath user” on the client’s associated IAP can show the Vlan information of the connected client.

 

rtaImage (4).png

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.