Wireless Access

last person joined: 8 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

User Derived Vlan from Location Rule

This thread has been viewed 0 times

  • 1.  User Derived Vlan from Location Rule

    Posted Feb 13, 2013 06:36 PM

    We are trying to assing a different Vlan depending on what building our users are in. There is a rule type called "Location" for user derived vlans, but I can't find anything that says what exactly that location would be. It doesn't seem to be the location set when you provision an AP. Furthermore, the user guide has made it more confusing since the "ESSID" rule type looks to be the same as the "Locaton" rule type:

     

    ESSID: Assign client to a role or VLAN based
    upon the ESSID to which the client is
    associated

     

    Location: Assign client to a role or VLAN
    based upon the ESSID to which the client is
    associated

     

    The above is from page 342 of the ArubaOS_6.1UG.pdf. Does anyone know what is meant by "Location"? It can't mean the ESSID, right?

     

    Thanks!



  • 2.  RE: User Derived Vlan from Location Rule

    EMPLOYEE
    Posted Feb 13, 2013 10:13 PM

    What you can do, is create a different AP group for each building.  You can then run the WLAN Wizard for each building, create the same wireless network name, except that it will be in a different AP group and have a different VLAN.

     

    Why you don't want to do this:  It is much easier to determine where a user is located based on what AP they are associated to, than what VLAN they are in.  If a user is attached to StedmanHall-room330, it means much more than figuring out where 192.168.4.x. is located.

     

    As an example, all users can be placed into a single or a few common VLANs where the buildings are connected by high speed switching.  It will save on wasted ip address spacing from assigning too many subnets to a building.  It will also make it easier to configure if you have to renumber subnets.

     



  • 3.  RE: User Derived Vlan from Location Rule

    Posted Feb 15, 2013 01:00 PM

    Thanks for the response cjoseph. We had considered splitting up the APs into groups per building, but we were also interested in being able to just assign a vlan based on location for only a specific VAP. We were hoping that Location based rule was tied to the location set in AP provisioning. I'm still not sure what Location really means for those rules.



  • 4.  RE: User Derived Vlan from Location Rule

    EMPLOYEE
    Posted Feb 15, 2013 01:52 PM

    Well, how many buildings and how many APs per building?  Are they all connected via fiber?

     

    As for the location parameter, it is not used very often, so that also makes it less likely that someone would report a problem with it.  I cannot easily assume that it would work the way you want it, in this case...



  • 5.  RE: User Derived Vlan from Location Rule

    Posted Dec 29, 2015 10:09 PM

    Hi

     

    It makes no sense in the manual where is says (as the previous poster explained)

     

    ESSID: Assign client to a role or VLAN based upon the ESSID to which the client is associated

    Location: Assign client to a role or VLAN based upon the ESSID to which the client is associated

     

     

    how can they both be the same?  you gave the client a good solution but unfortunately, did not answer his question.

     

    Is it correct to say that "Location" is really reading the AP's group name for evaluation?  If so, can we correct the manual.  It clearly has a mistake here.

     

    Neal



  • 6.  RE: User Derived Vlan from Location Rule

    EMPLOYEE
    Posted Dec 29, 2015 10:23 PM

    osinstructor,

     

    That post (and the ArubaOS code) was from 2013.  The current manual says that location means AP name:

     

    Screenshot 2015-12-29 at 21.20.04.png