Wireless Access

Reply
New Contributor

VLAN assigned by user role

I am having an issue with my clients staying on my on boarding VLAN even if I have a VLAN defined in my user roles on the controller.

 

Here is my network setup: I have 3 VLANs VLAN1, VLAN2, VLAN3.

VLAN1 is my guest VLAN and the VLAN I use to on-board my clients.

They connect to VLAN1 choose the correct link for guest or internal user. If they are an intenal user they get either a Staff or Student user role. Staff user role is setup to use VLAN2 and Student is setup to use VLAN3.

The issue I am having is that the clients stay connected to  VLAN1 too long. They get the correct user role but do not change VLANs.If they turn off wireless on their device for 10 to 15 minutes they reauthenicate and the user role and VLAN are correct. I should also note this only happens on initial autherntication or after lease has expired and they need to reauthicate.

Is there a setting or configuration I can make to force the client to move imediately to the VLAN of the user role?

Guru Elite

Re: VLAN assigned by user role

A role change does not force a client to do DHCP.  It would put them on a different layer 2 subnet, but if the link on the client stays the same, it will not re-dhcp.  The poor-man's way to handle this is to give your initial VLAN a very short dhcp lease..



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: VLAN assigned by user role

Hi

 

Which products do you use? Where do you define the role change?

 

The question is because you use ClearPass your able to send a disconnect over CoA (Change of Authorization). That's remove the client from the client list on the controller and the user reauthenticat it again.

The bad thing is, it could be that the client don't reconnect automaticly. 

 

I hope this helps.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: