Wireless Access

Reply
Frequent Contributor II

VLAN Assignment by AP Group

Is it possible to assign a vlan based on AP group?

 

I'd like to break up a school building into 3 different vlans based on floor.

 

I thought about creating a new AP group for each floor.

 

If I wanted all the APs on a certain floor to assign clients to a specific vlan, would I create new VAP under that AP Group that assigns the VLAN?

 

Is there a better way to do this?  I'm planning for the future where we may have an Apple TV in each classroom and would like to minimize the list on the devices to just that floor and segment the traffic.

 

Does this option make sense?

 

We are not using Airgroup or Clearpass.  Airgroup isn't functioning correctly.

 

Thanks.

Guru Elite

Re: VLAN Assignment by AP Group

Yes, each VAP can have its own vlan or vlan pool assigned. That's
probably your best bet.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Guru Elite

Re: VLAN Assignment by AP Group


morrisch@alliancecityschools.org wrote:

Is it possible to assign a vlan based on AP group?

 

I'd like to break up a school building into 3 different vlans based on floor.

 

I thought about creating a new AP group for each floor.

 

If I wanted all the APs on a certain floor to assign clients to a specific vlan, would I create new VAP under that AP Group that assigns the VLAN?

 

Is there a better way to do this?  I'm planning for the future where we may have an Apple TV in each classroom and would like to minimize the list on the devices to just that floor and segment the traffic.

 

Does this option make sense?

 

We are not using Airgroup or Clearpass.  Airgroup isn't functioning correctly.

 

Thanks.


You can create an 3 AP-Groups that have a copy of the same Virtual AP.  The only difference between Virtual APs is that they will have a different VLAN.  Why you WOULD NOT do this, is that you cannot control whether or not a user associates to an access point on the same floor or on the floor above or below.  The question is, do you want ALL users to have access to Apple TVs or just certain users?  Do you have those apple TVs wired on separate subnets already?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor II

Re: VLAN Assignment by AP Group

I thought about them potentially joining the floor below but I typically don't see this happening when I look at my client distribution. But I understand where this could be an issue.

 

I would like all users to have access to the Apple TV for students to have the ablity to show their work on the screen.  The Apple TV is on the wireless network(not wired) along with the iPads on the same subnet.  Right now the entire building is on the same subnet and if I continued to add Apple TVs to each classroom we could end up with over 100 on the same subnet and showing up in the list.

 

It's working well so far with 10 Apple TVs I have.

 

What are my other options?

Frequent Contributor II

Re: VLAN Assignment by AP Group

Okay that was my thought...But I still have the concern of clients not joining APs on the same floor...

Guru Elite

Re: VLAN Assignment by AP Group


morrisch@alliancecityschools.org wrote:

Okay that was my thought...But I still have the concern of clients not joining APs on the same floor...


If your Apple TVs are wireless, there is STILL the realistic concern of them not joining an access point on the same floor.

 

If you do not have ClearPass, you could choose to NOT show Apple TVs based on user role, VLAN and type of Mdns advertised service.  If you get to more than 10 access points, you will then have Apple TVs that you don't even want people to see, which means you would need the more granular access controls of clearpass which extends access to user groups, ap-groups and adjacent location.

 

I will wait to hear anyone who has airgroup and is using it with or without ClearPass in higher education to mention how they are using it.

 

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: