I tested this about a year ago. I don't believe you can do it. AAA
Override is currently not supported with H-REAP. I think Cisco may be
adding it in newer code versions, but I do not think the feature
currently exists.
I tried with FreeRADIUS, WISM1, and 1140 series AP in HREAP mode. I
believe it is a known caveat. Let me know if you find otherwise. I
will see if I can dig up notes from when I tried this last.
Thanks,
Curtis Larsen
University of Utah
Wireless Network Engineer
On 06/21/2012 12:33 PM, Ashfield, Matt (NBCC) wrote:
HI All
We are trying to get dynamic vlan assignment using Cisco FlexConnect
Local switching. I'm wondering if anyone can provide any insight into
this. Feel free to contact me off-list if you don't want to post
here.
Our setup: Radius Server: Windows 2008, but also have a Cisco ACS
server we've tried WLC version: 7.20.235 AP: 3500 series
We have flexconnect configured on the WLC. We have the AP plugged
into a switch port with 3 vlans (30,31,32 for sake of example)
trunked between switch and AP. We can get an endpoint to
authenticate, but when they are connected, they are put in the Native
vlan (in this case, vlan 30). We do not seem to be able to get the
AAA override part of this working, whereby the Radius server would
send attributes to the AP to tell it what vlan to put the user device
into.
We have got had dynamic vlan assignment working without using
FlexConnect (ie, data traffic tunneled back to the controller instead
of locally switched), but seem to be missing something in this
scenario.
Any info/advice you can provide is appreciated.
Thanks
Matt
********** Participation and subscription information for this
EDUCAUSE Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
