Wireless Access

Is it possible to assign a vlan based on AP group?

I'd like to break up a school building into 3 different vlans based on floor.

I thought about creating a new AP group for each floor.

If I wanted all the APs on a certain floor to assign clients to a specific vlan, would I create new VAP under that AP Group that assigns the VLAN?

Is there a better way to do this?  I'm planning for the future where we may have an Apple TV in each classroom and would like to minimize the list on the devices to just that floor and segment the traffic.

Does this option make sense?

We are not using Airgroup or Clearpass.  Airgroup isn't functioning correctly.

Thanks.

Okay that was my thought...But I still have the concern of clients not joining APs on the same floor...

---

morrisch@alliancecityschools.org wrote:

Okay that was my thought...But I still have the concern of clients not joining APs on the same floor...

---

If your Apple TVs are wireless, there is STILL the realistic concern of them not joining an access point on the same floor.

If you do not have ClearPass, you could choose to NOT show Apple TVs based on user role, VLAN and type of Mdns advertised service.  If you get to more than 10 access points, you will then have Apple TVs that you don't even want people to see, which means you would need the more granular access controls of clearpass which extends access to user groups, ap-groups and adjacent location.

I will wait to hear anyone who has airgroup and is using it with or without ClearPass in higher education to mention how they are using it.

---

morrisch@alliancecityschools.org wrote:

Is it possible to assign a vlan based on AP group?

 

I'd like to break up a school building into 3 different vlans based on floor.

 

I thought about creating a new AP group for each floor.

 

If I wanted all the APs on a certain floor to assign clients to a specific vlan, would I create new VAP under that AP Group that assigns the VLAN?

 

Is there a better way to do this?  I'm planning for the future where we may have an Apple TV in each classroom and would like to minimize the list on the devices to just that floor and segment the traffic.

 

Does this option make sense?

 

We are not using Airgroup or Clearpass.  Airgroup isn't functioning correctly.

 

Thanks.

---

You can create an 3 AP-Groups that have a copy of the same Virtual AP.  The only difference between Virtual APs is that they will have a different VLAN.  Why you WOULD NOT do this, is that you cannot control whether or not a user associates to an access point on the same floor or on the floor above or below.  The question is, do you want ALL users to have access to Apple TVs or just certain users?  Do you have those apple TVs wired on separate subnets already?

I thought about them potentially joining the floor below but I typically don't see this happening when I look at my client distribution. But I understand where this could be an issue.

I would like all users to have access to the Apple TV for students to have the ablity to show their work on the screen.  The Apple TV is on the wireless network(not wired) along with the iPads on the same subnet.  Right now the entire building is on the same subnet and if I continued to add Apple TVs to each classroom we could end up with over 100 on the same subnet and showing up in the list.

It's working well so far with 10 Apple TVs I have.

What are my other options?