Wireless Access

Reply
New Contributor
Posts: 2
Registered: ‎02-13-2013

User Derived Vlan from Location Rule

We are trying to assing a different Vlan depending on what building our users are in. There is a rule type called "Location" for user derived vlans, but I can't find anything that says what exactly that location would be. It doesn't seem to be the location set when you provision an AP. Furthermore, the user guide has made it more confusing since the "ESSID" rule type looks to be the same as the "Locaton" rule type:

 

ESSID: Assign client to a role or VLAN based
upon the ESSID to which the client is
associated

 

Location: Assign client to a role or VLAN
based upon the ESSID to which the client is
associated

 

The above is from page 342 of the ArubaOS_6.1UG.pdf. Does anyone know what is meant by "Location"? It can't mean the ESSID, right?

 

Thanks!

Guru Elite
Posts: 20,810
Registered: ‎03-29-2007

Re: User Derived Vlan from Location Rule

What you can do, is create a different AP group for each building.  You can then run the WLAN Wizard for each building, create the same wireless network name, except that it will be in a different AP group and have a different VLAN.

 

Why you don't want to do this:  It is much easier to determine where a user is located based on what AP they are associated to, than what VLAN they are in.  If a user is attached to StedmanHall-room330, it means much more than figuring out where 192.168.4.x. is located.

 

As an example, all users can be placed into a single or a few common VLANs where the buildings are connected by high speed switching.  It will save on wasted ip address spacing from assigning too many subnets to a building.  It will also make it easier to configure if you have to renumber subnets.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 2
Registered: ‎02-13-2013

Re: User Derived Vlan from Location Rule

Thanks for the response cjoseph. We had considered splitting up the APs into groups per building, but we were also interested in being able to just assign a vlan based on location for only a specific VAP. We were hoping that Location based rule was tied to the location set in AP provisioning. I'm still not sure what Location really means for those rules.

Guru Elite
Posts: 20,810
Registered: ‎03-29-2007

Re: User Derived Vlan from Location Rule

Well, how many buildings and how many APs per building?  Are they all connected via fiber?

 

As for the location parameter, it is not used very often, so that also makes it less likely that someone would report a problem with it.  I cannot easily assume that it would work the way you want it, in this case...



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 2
Registered: ‎12-27-2015

Re: User Derived Vlan from Location Rule

Hi

 

It makes no sense in the manual where is says (as the previous poster explained)

 

ESSID: Assign client to a role or VLAN based upon the ESSID to which the client is associated

Location: Assign client to a role or VLAN based upon the ESSID to which the client is associated

 

 

how can they both be the same?  you gave the client a good solution but unfortunately, did not answer his question.

 

Is it correct to say that "Location" is really reading the AP's group name for evaluation?  If so, can we correct the manual.  It clearly has a mistake here.

 

Neal

Guru Elite
Posts: 20,810
Registered: ‎03-29-2007

Re: User Derived Vlan from Location Rule

osinstructor,

 

That post (and the ArubaOS code) was from 2013.  The current manual says that location means AP name:

 

Screenshot 2015-12-29 at 21.20.04.png

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: