Wireless Access

Reply
Contributor I
Posts: 60
Registered: ‎12-15-2011

VLAN based on Location

[ Edited ]

I want to use the User Role/VLAN filter to set a VLAN based on Location.  The User Guide (p 342) says that location is based on ESSID.  This must be a typo because there already is an ESSID Rule Type.  I tried to use FQLN as a value for Location but that didn't work.  What is the correct Value to use for the Location Rule Type?  I would like to use "contains string in FQLN".

 

Thanks.

Guru Elite
Posts: 21,010
Registered: ‎03-29-2007

Re: VLAN based on Location

I'm not sure what parameter is used by that.  How many different locations do you have that you want to provide a different VLAN to?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 60
Registered: ‎12-15-2011

Re: VLAN based on Location

I have about 12 locations per controller.  I would like to use a VLAN pool (ie 2-3 VLANs) per location.  I would like to assign a user to a VLAN pool based on their location. Thanks.

Guru Elite
Posts: 21,010
Registered: ‎03-29-2007

Re: VLAN based on Location

Will all of those Vlans be available at the controller?

 

As a general practice, you should create an AP-group for each location.  You should then duplicate the Virtual AP (save as) with the different VLANS, and add them to each AP group.  When the APs come up, you provision them to the new APs groups that were created.

 

Does that make sense?

 

The user derivation rule would only allow you to assign one VLAN per rule and not a VLAN pool, anyway....

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 60
Registered: ‎12-15-2011

Re: VLAN based on Location

It does make sense.   I thought I was simplifying things by using one AP Group because all the locations share the SSIDs but it only complicated things.   Thank-you.

Contributor I
Posts: 60
Registered: ‎12-15-2011

Re: VLAN based on Location

To cjoseph,

 

I have another question about your solution above.  I will have one backup controller in an N+1 configuration.  I will extend all the VLANs to the backup controller.  After a controller failure, will the associated clients, which have already been assigned a VLAN and IP addr, continue to get the same VLAN at the backup controller automatically  OR  do I need a special mapping rule at the backup controller to ensure this happens?      Thanks.

Guru Elite
Posts: 21,010
Registered: ‎03-29-2007

Re: VLAN based on Location

The backup controller should inherit the configuration and act just like the primary controller.  Your job on the local controller is to make create the same layer-2 VLANS so that they can be placed on the same subnets upon failover.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 60
Registered: ‎12-15-2011

Re: VLAN based on Location

Will the backup controller also get the PTKs and GTKs for established associations?  Is this done via the Master?

Guru Elite
Posts: 21,010
Registered: ‎03-29-2007

Re: VLAN based on Location

[ Edited ]

Those are negotiated when a client associates to a new AP, irrespective of which controller it is on.  The effect after failover is not measurable.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: