Hi!
I'm trying to setup a solution where the initial role has vlan x and after the user has authenticated with captive portal (internal via radius) the authenticated role gets vlan y.
show aaa debug vlan user ip x.x.x.x
VLAN types present for this User
================================
Default VLAN : y
Initial Role Contained : x
VLAN Derivation History
=======================
VLAN Derivation History Index : 12
1. VLAN 0 for Reset VLANs for Station up
2. VLAN y for Default VLAN
3. VLAN y for Current VLAN updated
4. VLAN x for Initial Role Contained
5. VLAN x for Current VLAN updated
6. VLAN x for VLAN exported
7. VLAN 0 for Reset VLANs for Station up
8. VLAN y for Default VLAN
9. VLAN y for Current VLAN updated
10. VLAN x for Initial Role Contained
11. VLAN x for Current VLAN updated
12. VLAN x for VLAN exported
Current VLAN : x (Initial Role Contained)
But the user seems to keep vlan x all the time, is this not supported ?
Not sure I understand this correctly, maybe my soultion isn't supported ?
https://community.arubanetworks.com/t5/Controller-Based-WLANs/How-does-L2-authentication-based-vlan-derivation-work-Explain/ta-p/177408