Working with VLANs
User-assigned VLANs
7-6
User-assigned VLANs
VLANs can be assigned on a per-user basis using attributes defined in a user’s RADIUS
account, or via VLAN definitions in a local user account profile. These user-assigned VLANs
are also called dynamic VLANs because they are applied dynamically after a user is
authenticated and override the static definitions on VSCs or VSC bindings.
For a complete description on how VLANs affect traffic flow, see Traffic flow for wireless
users on page 7-6.
VLAN assignment via RADIUS
To define a VLAN in a user’s RADIUS account, you need to set the RADIUS attributes Tunnel-
Medium-Type, Tunnel-Private-Group-ID, and Tunnel-Type. The Tunnel-Private-Group-ID
attribute should be set to the name of the VLAN. A VLAN number can also be specified, but
this not recommended.
See the Access Accept section under User attribute definitions on page 15-20 for more
information on these attributes.
VLAN assignment via the local user accounts
VLANs can be assigned on a per-user basis by configuring a user account profile with the
appropriate VLAN number. See Defining a user account on page 10-30 and Defining
account profiles on page 10-32.
Traffic flow for wireless users
Due to the large number of features that can make use of VLANs, and the way in which these
features interact, VLAN settings at different points in the configuration can affect traffic flow
for wireless users in different ways. The following tables provide an overview of all possible
configuration settings and how they affect data flow. The tables are organized according to
the type of VSC that is being bound to an AP.
To Next Page
Loading...
Need help?
General
