08-01-2019 06:52 AM
Hi,
If I want to authorize users from a specific AD group access to a specific VLAN do I need to have that VLAN configured as an interface on the WLC?
Thanks,
-Jack
Solved! Go to Solution.
08-02-2019 04:03 AM
No you don't. You just need to have an Airespace ACL that's assigned to the user session by your policy server (e.g., ISE or ACS). The ACL will restrict all users except the authorized ones from accessing the destination subnet that's associated with the VLAN.
You could also alternatively use Scalable Group Tags (SGTs).
08-02-2019 04:03 AM
No you don't. You just need to have an Airespace ACL that's assigned to the user session by your policy server (e.g., ISE or ACS). The ACL will restrict all users except the authorized ones from accessing the destination subnet that's associated with the VLAN.
You could also alternatively use Scalable Group Tags (SGTs).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide