Video Screencast Help

SNAC and Cisco Aironet Wireless question

Created: 15 Apr 2009 • Updated: 21 May 2010 | 4 comments
Dung's picture
This issue has been solved. See solution.

Hi,
I'm new with SNAC. I have tested SNAC( + LAN enforcer)  for wired LAN with cisco switch (3750), Microsoft Windows 2003 + IAS. It works fine but I can't extend NAC to wireless network. I use Cisco Aironet 1130AG which mode is  autonomous. In SEP 11 Management Console, if I configure an action to OPEN PORT when successful, wireless client can switch to access vlan based on

Tunnel-Pvt-Group-id (set in IAS). But when I change this action to Switch to VLAN Access and disable VLAN attributes in IAS, Cisco Aironet can't change VLAN. While LAN Enforcer reports successfully in authentication, and in Aironet's web management, new event log is  "Station xxxx.xxxx.xxxx authentication fail". Why is happened ? Does anyone has been successful in SNAC+ wireless network? Do you have any document, any guide how to integrate SNAC with cisco aironet wireless ( autonomous ) ? please send to me !

Thank you !

Dung

Comments 4 CommentsJump to latest comment

Craige Jiang's picture

Hi, Dung

  Inorder to support dynamic wireless VLAN assignment on Cisco wireless environment, you need a wilress LAN controller. The Cisco 1130AG itself won't support this feature. It must work with a wireless VLAN controller to support this. Please refer to following URL.

http://supportwiki.cisco.com/ViewWiki/index.php/Dynamic_VLAN_Assignment_with_RADIUS_Server_and_Wireless_LAN_Controller_Configuration_Example

Thanks
Craige

Dung's picture

Hi, Craige
Thank you for fast reply ! I have done SNAC with aironet 1130AG integrated. I did a little trick when adding Aironet, I chose Cisco Catalyst profile (not Cisco Aironet Series). In Aironet, I create all VLANs associated with SSIDs, but broadcast one SSID as GuestMode. Now in SEP Manager, I can also set a policy to change radio client to any VLAN, not only OPEN port

Thanks
Dung

SOLUTION
Rafael Carvalho's picture

Where I set the configurations on Cisco Controller to uses SNAC for autenthication and dynamic Vlan ????