HPE Community
M and MSM Series
1753477 Members
5984 Online
108794 Solutions
New Discussion

MSM720 (UAM user defined vlan)

 
Nico75d
Occasional Contributor

‎02-11-2016 11:21 AM

‎02-11-2016 11:21 AM

MSM720 (UAM user defined vlan)

Hello,

Concidering i have fully 802.1X + Radius (UAM) working on wired connetions, i'm in trouble with MSM720 and wireless.

MSM720 configured with 2 SSID and Authentication + Radius profile.
HP560 (AP's)

Connection :

The EAP process and dot1x supplicant is working and the client receives DHCP for the 2 subnets respectively.
For example :   
192.168.2.0 VLAN2 | SSID : SSID2 User : Test2
192.168.3.0 VLAN3 | SSID : SSID3  User : Test3

Problem :

If I do the auth on the SSID2 with the user Test3, the process works and I get DHCP From vlan2. 

My PEAP-EAP Policy are ok. I think the UAM pushs the radius parameters and MSM720 overrides the proper vlan for the user.

Thanks for your help.
Have a good day.

 

0 Kudos
1 REPLY 1
RamKrish
Valued Contributor

‎02-14-2016 07:15 PM

‎02-14-2016 07:15 PM

Re: MSM720 (UAM user defined vlan)

Hope you are not having any static VSC binding on the MSM group level based on the SSID.

In any case, if the Radius Accept message from UAM contains the VLAN attribute then MSM should use that VLAN to map the user traffic.  It should not map it to other vlan in your case it should map to vlan 3 for test 3 and NOT vlan 2.

To validate this, you might need to do a wireshark packet capture on the IMC/UAM server and we need to see the actual radius packets to understand if UAM is indeed sending the correct return attributes to the MSM or not.

Regards
Ram
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.