Thanks Jake, I have an interface setup on vlan 20 for the access-points for a test. the wlan with the duplicated SSID is using 121. I have applied it to it's own AP group for that building. The packetfence is seeing the source still as the mgmt of the controller. I have been through the interface and wlan screens but must be missing the "make the request using the mgmt ip address" check box.
Thanks Sean On 2014-12-03 12:12, Sallee, Jake wrote: > Yo! Jake here. Sorry it has taken me a bit to get back with you, its > a bit crazy for me right now. > > We have attempted to solve the same SSID + different VLan issue in two > ways. The first way involved some custom code and a custom DB table. > Basically the way it worked was when a user authenticated on one of > our Cisco LWAPPs the APs MAC would be found in the table and the > associated VLan prefix would be appended to the VLan return value. > > This worked well for a while but it proved to be a bit of a pain > through upgrades since if the files I had customized (technically > Inverse did most of the customizations, I just touched it up a bit due > to changes through multiple upgrades) needed to be inspected and > verified to work properly after a PF upgrade. > > The last upgrade I did, I botched pretty badly (I thought I was on the > dev box ... turns out I was not ... oops) the net effect of which was > I setup PF from scratch and imported the DB with all of my nodes, APs, > etc from a backup ... but that also meant that I had to put back my > customizations that made upgrades difficult. So I started looking for > another way, and I found the way we are currently doing it now. > > A strange quirk of the WLC is that you cannot have SSIDs with the same > name. It was at this point I was stumped since I am not allowed to > change the name of our SSID. But then I found a very poorly > documented feature of the WLC. > > You CAN have duplicate SSIDs so long as the WLAN ID is at least 18, > after that you can duplicate SSID names as much as you like. > > "WHAT?!", I hear you say. > > "Yes, indeed!", I say. > > "But why 18? That seems arbitrary and foolish." You respond. > > "Yes, yes it does." I sigh. > > So, currently our setup is this. A single SSID per building that is > attached to the interface group for that building. The WLC has an IP > in the management VLan for the interface group so when it talks to PF > it will use that IP. All thats left is to add the necessary IPs to PF > as independent switches and viola! it works with no custom code > required and it is upgrade safe, YAY! > > I can explain more fully if needed but this is the best way we have > found yet. If anyone else out there has a better way I would be very > interested in learning about it. > > Jake Sallee > Godfather of Bandwidth > System Engineer > University of Mary Hardin-Baylor > WWW.UMHB.EDU > > 900 College St. > Belton, Texas > 76513 > > Fone: 254-295-4658 > Phax: 254-295-4221 > > ________________________________________ > From: forums [[email protected]] > Sent: Wednesday, December 03, 2014 11:12 AM > To: [email protected] > Subject: [PacketFence-users] Cisco WLC same SSID different vlans > > I see that Jake back in 2012 had a thread "New Cisco WLC module?" and > it > is the same issue I am running into. I need to offer the same SSID > across the facility but need to use different vlans depending on which > building the user is in. > > The WLC is running 7.6.130.0. Under authentication I can have the Auth > Call Station ID type be the Ethernet mac of the AP, AP Name, AP Group, > AP Location, etc. I can see the proper AP Ethernet mac address when I > watch the pf.log. > > I was looking at using the AP Ethernet mac address, but AP location > would be better as it would involve a smaller database. I am looking > at > custom.pm but am not seeing a variable for the switch_mac that I could > use. > > Am I overlooking something? Has somebody else done this since 2012? > > Thanks > Sean > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and > Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & > more > Get technology previously reserved for billion-dollar corporations, > FREE > http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ------------------------------------------------------------------------------ > Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server > from Actuate! Instantly Supercharge Your Business Reports and > Dashboards > with Interactivity, Sharing, Native Excel Exports, App Integration & > more > Get technology previously reserved for billion-dollar corporations, > FREE > http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk > _______________________________________________ > PacketFence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
