Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

vlan pool

This thread has been viewed 1 times

  • 1.  vlan pool

    Posted Jun 20, 2013 03:47 PM

    I would like to assign a vlan-pool to a particular user role.  Is this possible?

     

    I've tried both web-gui and ssh and it won't let me put in a vlan-pool. In fact the ssh actually yells at me and tells me it's a pool and won't do it.

     

    (Aruba620) (config) # (Moss-Aruba620) (config) #user-role Students 

    (Aruba620) (config-role) #vlan Students <---This is the vlan-pool i created

    Named VLAN "Students" is a VLAN pool

    (Aruba620) (config-role) #

     

     



  • 2.  RE: vlan pool

    Posted Jun 20, 2013 03:53 PM
    Are you running 6.3 ArubaOS code? That?s the first version where named VLAN pools are supported.


  • 3.  RE: vlan pool

    Posted Jun 20, 2013 04:06 PM

    Vlan-pools have beeen around for a long time.... not sure why you think they are only supported in 6.3

     

    We are testing on 6.1.3.4 with a 620 controller just trying to prove the concept for a larger install with 7210's.

     

    Large install that will include several buildings but will only have a few user roles. (Staff, Student, Dorm Device)

     

    Will be using CPPM and the goal is instead of creating a vlan for each building's roles (17 buildings x 3 roles = 51 vlans)

     

    We would like to create 3 vlan-pools and then based upon the user login, CPPM would send back role and vlan pool. Or at very least send back role and let the aruba use the role to assign it to the vlan-pool.  We can assign it to a single vlan but not to a pool.

     

    I know we can accomplish this in CPPM but I'm just trying to simplfy how many rules I would need to create in CPPM. 3 General rules instead of rules per each building via AP group.

     

     


    #7210


  • 4.  RE: vlan pool

    Posted Jun 20, 2013 04:12 PM

    See the following post, i had the same question not long ago:

     

    http://community.arubanetworks.com/t5/Authentication-and-Access/Do-Named-VLAN-VSAs-Work/td-p/79728

     

    VLAN pools have been around for a while, but their usage in roles and or RADIUS VSAs was not supported until 6.3.



  • 5.  RE: vlan pool

    Posted Jun 20, 2013 04:26 PM
    True, VLAN pools have been around a while. Being able to use them in roles, server/user derivation and VSAs is new. From the 6.3 release notes:


    VLAN Derivation from Named VLAN Pools

    Named VLANs can be configured under user rule, server derivation, user derivation, and VSA in this release. Previously, only single VLAN ID names supported the above.


  • 6.  RE: vlan pool

    Posted Jun 20, 2013 04:29 PM

    So once I get the 7210's and get them on the 6.3 firmware I'll be able to assign a named vlan-pool to the user role. Right?


    #7210


  • 7.  RE: vlan pool

    Posted Jun 20, 2013 04:31 PM
    Correct.


  • 8.  RE: vlan pool

    Posted Jun 20, 2013 04:33 PM

    Cool... 

     

    Can't wait to test it out.

     

    As always... thanks guys !!!