Wireless Access

last person joined: 17 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

2 different vlan in same SSID

This thread has been viewed 15 times

  • 1.  2 different vlan in same SSID

    Posted Dec 21, 2019 10:34 AM

    i have 2 bulding A,B .

    each buliding has its controller

    the 2 controllere has L3 Cluster between each other "V8"

    There was MM that terminate the 2 controlleres 

    All AP in 2 bulding generate same SSID

     

    the question is :-

    i want client in bulding A get IP from Valn 10.

    when the same client go to bulding B take another IP from Vlan 20. While he connecting in same SSID.. each VLAN has deffernt Firewall policy in the comtroller

     

    is there accplicable in this secnairo if not what is applicable to meet this requrimnets.

     



  • 2.  RE: 2 different vlan in same SSID

    EMPLOYEE
    Posted Dec 21, 2019 11:04 AM

    There is a problem with your design: 

    There is no real purpose to a layer 3 cluster, because all clients will be disconnected when access points from one controller fail over to another cluster, which will cause a disruption.  That eliminates the real purpose of a cluster, which is seamless client failover when access points connect to a different controller.

     

    Secondly, you should not design a network where a client will obtain a different ip address when it is in a different building, because the client will face manual disruption to its applications, and that will generate helpdesk calls.

     

    Best design:

    Put both controllers in the same building, where the cluster will be l2 and clients will be able to preserve VLANs and ip addresses when roaming AND if a controller fails, connectivity will be preserved if access points fail to a second controller, as well.



  • 3.  RE: 2 different vlan in same SSID

    Posted Dec 21, 2019 11:16 AM

    no way to but the controllers in same Bulding.

    There was no L2 connectivity between the 2 bulding only L3 connectivity.

     

    Now customer has 2 bulding and each bulding has its seperate controller V6 and now he want to migirate with 2 new contrller V8 and make a cluster between them . So he request the ablove requrimnt. client vlan change when the bulding change 

     

    i know that there will not seamless between L3 cluster but we have no option to make a L2 cluster in the soultion 



  • 4.  RE: 2 different vlan in same SSID

    EMPLOYEE
    Posted Dec 21, 2019 01:02 PM

    There is no advantage of making a layer 3 cluster.  The performance and the requirement for clients to disconnect will be the same as it is now.



  • 5.  RE: 2 different vlan in same SSID

    Posted Dec 21, 2019 03:50 PM

    i can not understand your reply . did you understand the cureent soultions and the req.?



  • 6.  RE: 2 different vlan in same SSID

    Posted Dec 21, 2019 04:29 PM

    now each bulding has controller when this controller fails no backup for it.

     

    when we have a L3 cluster between 2 controllers there was a backup for each other even clients disconnect 



  • 7.  RE: 2 different vlan in same SSID

    Posted Dec 21, 2019 04:55 PM

     i think i have mistake in explain the requriments.

     

    when the client controller "A" is fail So that the client attemp to communicate with other controller "B" so that we want the client take ip from defferent vlan not the same user vlan in the controllere B

     

    A AND B  is layer3 cluster.

     

    cluster is intergrated with a raduis server



  • 8.  RE: 2 different vlan in same SSID

    EMPLOYEE
    Posted Dec 21, 2019 05:10 PM

    Okay, I think I understand.

     

    Do you have control plane security enabled?

     



  • 9.  RE: 2 different vlan in same SSID

    EMPLOYEE
    Posted Dec 21, 2019 05:17 PM

    Wait,

     

    If controller A and B share the same configuration and in the Virtual AP, you have VLAN 10 configured, the user will attempt to connect to VLAN 10 on both controllers.  Did you try defining a VLAN name, assigning the Vlan name to the Virtual AP, then assigning the vlan name to VLAN 10 on controller A and VLAN 20 on controller b?

     



  • 10.  RE: 2 different vlan in same SSID

    Posted Dec 21, 2019 06:26 PM

    yes th controller A . B same configuration but deffernt in areas that it services. each conroller service 1 bulding in same time each controller backup to the other 

     

    what we want if client connect in controller A with vlan 10 , then controllere A fails, so clinets will connect to the controller B "No isssue here", So that we want when clinet go to controller B after controller A is fail is to get vlan 20 , controller B user valn is 30 not 20.

     

    we want spacific vlan if client was connect to the controllere A and A was down. clinet will not get IP from Controller B user vlan "30". but will get ip from special vlan 20 .

     

    we want vlan 20 on the controller B for this reason only

     

     



  • 11.  RE: 2 different vlan in same SSID

    MVP
    Posted Dec 22, 2019 03:26 PM

    The only thing i can think of here is:

    - Configure VLAN20 and VLAN30 as named VLAN and then configure the named VLAN on the vAP.

    - Configure on Controller 1 -> VLAN 20 (no VLAN30)
    - Configure on Controller 2 -> VLAN 30 (no VLAN20)

    - Make sure that Controller 1 has no access to VLAN 30 (put an ACL on the uplink switch to deny traffic to that network subnet) - so DHCP Request can not pass through VLAN 30 from Controller 1
    - Make sure that Controller 2 has no access to VLAN 20 (put an ACL on the uplink switch to deny traffic to that network subnet) - so DHCP Request can not pass through VLAN 20 from Controller 2

     

    ----Although i am not sure what sort of design you have there, but sounds not that "user-friendly" for my opinion-----