Wireless Access

Reply
Frequent Contributor II

Role-Based Vlan Pools

Is there a way to set a server rule under an Authentication Server Group so that a user gets assigned to a VLAN Pool as opposed to just specific VLAN?

Guru Elite

Re: Role-Based Vlan Pools

There is not a way at this time.

 

You may decide that you want to assign a group of users a different role, but just allow them to consume the same pool under the VAP.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase

Re: Role-Based Vlan Pools

Based on the information provided at the airheads conf this will available in the 6.3 AOS code
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Frequent Contributor II

Re: Role-Based Vlan Pools

Thanks, can you elaborate on how I could achieve what I'm looking for?

Re: Role-Based Vlan Pools

As Colin mention this type of setup unfortunately is not possible at the moment
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Frequent Contributor II

Re: Role-Based Vlan Pools

Okay.  I thought there might have been an alternative method to acheive what I wanted by this comment.

 

"You may decide that you want to assign a group of users a different role, but just allow them to consume the same pool under the VAP."

Guru Elite

Re: Role-Based Vlan Pools

The question is.... What are you trying to accomplish?  What is your situation?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Frequent Contributor II

Re: Role-Based Vlan Pools

I would like to assign students who authenticate via 802.1x to be assigned to a VLAN Pool on the same SSID as everyone else.    As opposed to just a single VLAN.

Guru Elite

Re: Role-Based Vlan Pools

Okay, so you might want to turn it around, then:

 

Assign a pool of VLANs to the Virtual AP.  If a student authenticates via 802.1x just allow them on the radius server side or assign a role that does NOT have a VLAN assigned.  For others, you can assign them to a role that has a single VLAN tied to the role:

 

Your Virtual AP has vlans 10,20,30.

 

When your students authenticate, they will end up in one of those VLANs.

Say a faculty member authenticates, you can respond with the radius server with a single VLAN that you want faculty in, or a role that has a single VLAN tied to it.

 

Does that make sense?

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Frequent Contributor II

Re: Role-Based Vlan Pools

Absolutely.  I definitely follow your logic. 

 

Until they come out with the ability to do the role based stuff then I wouldn't be able to assign staff to a pool using the same SSID.

 

Thanks for all your input!

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: