What does Ruckus mean specifically when it says it supports "Dynamic VLANs"?

  • 1
  • Question
  • Updated 1 year ago
  • Answered
Does this mean specifically support for 802.1x services or .1x like services?  
Photo of Kyle Gatlin

Kyle Gatlin

  • 5 Posts
  • 0 Reply Likes

Posted 1 year ago

  • 1
Photo of NiklasMato

NiklasMato

  • 21 Posts
  • 7 Reply Likes
Dynamic vlans are attributed by radius or DPSK. 

Dynamic PSK (one time passwords you can create in the ZD or VSZ)
Or you can let a user login with a username and password that is checked agains a radius server. If this user has a specific vlan attribute assigned to it's account, the controller will connect the wifi client to the destined vlan. 
Photo of Kyle Gatlin

Kyle Gatlin

  • 5 Posts
  • 0 Reply Likes
I understand the latter (802.1x) on a switch and how that configuration looks on an interface used for physical connectivity.  When u sing 802.1x for Wireless would you still configure the switchport facing an AP the same way?

Or do you still have a management VLAN, an access VLAN, and the wireless controller itself has a separate VLAN database?

Curious as to how this works in an environment where the AP switches traffic across the network normally instead of tunneling to the Director.  
Photo of Michael Brado

Michael Brado, Official Rep

  • 2167 Posts
  • 299 Reply Likes
If you maintain a separate management VLAN for your ZD and APs, that's normal and best practice.

You need to support the default VLAN of the 802.1x WLAN that you define, *and* the additional VLAN(s) you want the user Role to specify.

The new 'Dynamic VLAN' is assigned to the client by their authentication, then a COA or DM, will disconnect the client who immediately is
re-associated and assigned to the specified new VLAN.  Client DHCP request goes out on that VLAN, etc from there.