Wireless Access

last person joined: 4 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Assign Multiple Vlan in same SSID "Version 8.4"

  • 1.  Assign Multiple Vlan in same SSID "Version 8.4"

    Posted Apr 27, 2019 01:10 PM

    customer have one SSID for staff 
    we put this VAP in a vlan "1"

    the staff is from defferebt department like "IT,HR,Markiting'

    every department could access defferent systmes in the network

     

    how could we make this requirment 
    note that we are in Version 8.4.0.2

     

     



  • 2.  RE: Assign Multiple Vlan in same SSID "Version 8.4"

    Posted Apr 27, 2019 01:18 PM

    Are you currently blocking people in different departments from accessing certain parts of the network when they login to their wired PCs?  If yes, how?  That will determine how much we can use what you are doing now to enforce those policies.

     

    If you are not blocking, you would typically configure roles in the controller for each department that have ACLs that allow or block traffic.  You would then return a radius attribute assigning users that role when they login.



  • 3.  RE: Assign Multiple Vlan in same SSID "Version 8.4"

    Posted Apr 27, 2019 01:26 PM

    NO,all user will be wireless user but we want defference between the user that connect the same SSID "Staff' in vlan "1"

     

    exmaple

     

    user connect to staff and this user in IT can access more systmes
    user connect to staff and this user in HR can not acces spacific system

     

    we make LDAP authentication

     

    we have not PEF licenses or ClearPass 

     

     



  • 4.  RE: Assign Multiple Vlan in same SSID "Version 8.4"

    Posted Apr 27, 2019 01:32 PM

    You cannot do it without a PEF license, because EDIT that would you need PEF to create roles to treat users different.

     



  • 5.  RE: Assign Multiple Vlan in same SSID "Version 8.4"

    Posted Apr 27, 2019 08:55 PM

    we can not make any authorization between cntr and LDAP ?



  • 6.  RE: Assign Multiple Vlan in same SSID "Version 8.4"

    Posted Apr 27, 2019 09:10 PM

    You can, BUT you cannot treat any authenticated users differently without the Policy Enforcment License.



  • 7.  RE: Assign Multiple Vlan in same SSID "Version 8.4"

    Posted Apr 27, 2019 09:13 PM

    Could you share with me how authorization between them without PEF