Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.
I am trying to setup assigning VLAN based on user role. I have user roles CMISO (vlan 900) and CMAUTH (vlan 220) configured. I have created a test VAP/ESSID where the inital role is CMISO but the client pulls an ip from the vlan of the mgmt interface of the controller (VLAN 10). The only way to get the client to pull an address not from VLAN 10 is to set the VLAN under the VAP. However it still ignores the VLAN setting in the user profile.
I am running 6.2.1.1
You can set the VLAN under the user-role.
Is that VLAN is up and already exist on the controller ?
DO the following:
show vlan
show profile-errors
And also make sure that the VLAN is on your trunks back to the uplink switch if that is how you have it setup .
I did a show profile-errors and there are none.
Can you please share your user-role config ?
user-role CMAuthvlan 220access-list session allowallaccess-list session v6-allowall
user-role CMISOvlan 900access-list session allowallaccess-list session v6-allowall
yes we are trying mac auth. the aaa config in the vap point to the appropriate user roles.
no auth under ssid profile
Rebuilt my mac-auth profile and seems to be working again. not sure what happened. thx for help!!
Trunks exist and are up. If I set the VAP vlan to 900 or 220 I am able to pull an ip address in the appropriate vlan. It is when the VAP vlan is "not configured" I pull from the mgmt vlan.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.