Wireless Access

Hi

Is it possible to use captive portal with dynamic vlan assignment on aruba controller? I've tried for 802.1x method, but not sure how to do it for captive portal. Need some advice and guidance on this.

Thanks

Regards

Michael

Michael,

You can, in theory, switch VLANs on a captive portal authentication. For Aruba, return the VLAN with the captive portal authentication from your authentication server.

However, realize that captive portal requires a valid IP address on the client. If you switch VLANs to a different VLAN before - and after authentication, your client will still have the same IP for the old VLAN, resulting in loss of connectivity.

Switching VLANs after clients received IP addresses is a problematic thing in general. Clients typically don't like VLAN switches by the network.

Some report that setting the DHCP lease-time very short (10-20 seconds) may work as the client will then renew the IP every time; however this approach is a bit flakey.

With Aruba WLAN, the better solution is to use different roles and put access-lists and QoS on those roles. The roles may switch and change the access while client remains in the same VLAN subnet; which is probably the result that you want to achieve.

Herman

You could assign a VLAN pool to the SSID, and have the controller dynamically assign VLANs.

We Swith VLAN's on a Captive Portal set-up with MAC-Auth.  Works Great... on Aruba equipment however aruba will sugest you use roles.