Wireless Access

Reply

what determines the user default VLAN?

when i use show user-table ip <ip> i get among the information the following line:

 

...

Vlan default: 80, Assigned: 0, Current: 0 vlan-how: 0

...

 

what determines this Vlan default value? is there a knowledge base article or such?

Re: what determines the user default VLAN?

The default VLAN assigned is usually the one in the Virtual AP profile.  There are other factors that can override this like a user or server derived rule or a RADIUS reply with a VLAN attribute

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos

Re: what determines the user default VLAN?

ok, thank you Seth. i suspected that, but wanted to be sure.

 

but what when i don't configure a VLAN on the virtual AP profile?

Re: what determines the user default VLAN?

In terms of the other things, they are listed here.

 

http://www.arubanetworks.com/techdocs/ArubaOS_63_Web_Help/Web_Help_Index.htm#ArubaFrameStyles/Network_Parameters/About_VLAN_Assignments.htm

 

 


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACCX #817, ACMP, ACMX #294

Re: what determines the user default VLAN?

thanks very useful link, still wondering about what happens when i dont configure a VLAN on the virtual AP?

 

actual reason is that i have experienced twice recently on a virtual AP without VLAN configured that it had a Default VLAN in the output and i cant understand where it comes from.

Re: what determines the user default VLAN?

boneyard, Is that vlan 40 the vlan for your controller-ip?  I was in the office and tested by removing the vlan in the VAP and my client got an ip.

 

The vlan it got the ip was from my controller-ip vlan....either that or it was the first in the list of a 'show ip interface brief'.

 

You're right though, I should not have gotten an ip address.

 

Vlan default: 3, Assigned: 0, Current: 3 vlan-how: 0 DP assigned vlan:0

 

 


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACCX #817, ACMP, ACMX #294

Re: what determines the user default VLAN?

vlan 80 you mean i think and yes it was, that could probably be it then. makes a certain sense. still dont get why it suddenly occurs, but i believe best practice would be to set a VLAN on your VAP.

Re: what determines the user default VLAN?

Yeah, I meant 80.

 

I don't think this is right. If there's no vlan on the vap or other vlan derivation, then the device should be without a vlan or 'blackholed'. 

 

Many years ago in an old VRD, user guide or something I remember it saying that an ap in default group broadcasting Aruba-ap was not a security concern because there was no vlan and the device can't pass traffic.  Clearly somewhere along the line that changed.

 

Personally, I view that as a bug.


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACCX #817, ACMP, ACMX #294
Guru Elite

Re: what determines the user default VLAN?


Michael_Clarke wrote:

Yeah, I meant 80.

 

I don't think this is right. If there's no vlan on the vap or other vlan derivation, then the device should be without a vlan or 'blackholed'. 

 

Many years ago in an old VRD, user guide or something I remember it saying that an ap in default group broadcasting Aruba-ap was not a security concern because there was no vlan and the device can't pass traffic.  Clearly somewhere along the line that changed.

 

Personally, I view that as a bug.


Michael_Clarke,

 

I think you should find that old VRD user guide or something so that we can understand what you are talking about.  aruba-ap is no longer configured by default for awhile now.  A Virtual AP without  a VLAN gets the controller's management VLAN.  The VLAN on a Virtual AP is designed to set a default VLAN if needed.  It was not designed as a security measure if the VLAN does not exist.  That is not a bug.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Re: what determines the user default VLAN?

for me it al least explains what happens, thank you both.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: