Role based Access Control Policy: how to assign a dynamic VLAN based on role?

  • 1
  • Question
  • Updated 4 weeks ago
We want to assign a dynamic VLAN based on the role of a user.

SSID settings: RBAC enabled, dynamic VLAN enabled, client fingerprinting enabled
Role settings: RBAC enabled, VLAN number filled in
The users get the right role assigned.

But still: no-one gets the VLAN of his role, everyone is stuck on the initial VLAN of the SSID.

Any ideas about what is prohibiting the assignment of the role VLAN?





Photo of Pieter Schepens

Pieter Schepens

  • 25 Posts
  • 1 Reply Like

Posted 1 month ago

  • 1
Photo of Santhosh DK

Santhosh DK, Employee

  • 9 Posts
  • 1 Reply Like

Hi Pieter,

We would need more details about the controller type, software version, etc.

Please log a case from the link below. However, an active support contract is must.

 

I hope you have purchased support contract for your controller.

 

https://support.ruckuswireless.com/cases/new

 

 

Regards

Santhosh

Photo of Pieter Schepens

Pieter Schepens

  • 25 Posts
  • 1 Reply Like
Thanks, we'll log a case (we purchased support contract).

We're using a ZoneDirector 1200 with software 10.4.1.0 build 214.



Any advice on assigning dynamic VLAN's is welcome.


Photo of Karthik

Karthik, Employee

  • 43 Posts
  • 25 Reply Likes
Hi Pieter, 

This might be helpful to you. https://support.ruckuswireless.com/hth-zonedirector#zd-8021x-auth

Thanks
Karthik.
Photo of Pieter Schepens

Pieter Schepens

  • 25 Posts
  • 1 Reply Like
Meanwhile, we managed to use the role based access policy on a 802.1X WLAN: the users get the VLAN that's configured in their role on the ZoneDirector or in the radius attributes. It still doesn't work when we user captive portal/Web authentication based on a radius server or Active Directory, but when we use 802.1x EAP for authentication, it now works.