Manualshelf

WESM zl Management and Configuration Guide WT.01.28 and greater

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
411412413414415416417418419420
4-80
Wireless Local Area Networks (WLANs)
VLAN Assignment
The Wireless Edge Services zl Module determines the VLAN to which to assign
incoming wireless traffic based on one of two criteria:
the wireless users identity
the wireless station’s WLAN
You configure WLAN-based VLAN assignments manually. (See “Setting Basic
Configuration Options: SSID and VLAN Interface” on page 4-30.)
Identity or user-based VLAN assignments are dynamic and received from an authen-
tication server. This server can be either the Wireless Edge Services zl Module’s
internal RADIUS server on an external RADIUS server. You must activate dynamic
VLANs on a WLAN in order for the module to enforce dynamic VLAN assignments.
(See “Setting Basic Configuration Options: SSID and VLAN Interface” on
page 4-30.)
Note that the Wireless Edge Services zl Module can use both kinds of assignment on
the same WLAN, but dynamic settings always take precedence when dynamic
VLANs are enabled. For example, you manually assign WLAN 1 to VLAN 10.
Users A, B, and C connect to WLAN 1; however, the RADIUS database only
includes a VLAN assignment for users A and B. When user C connects to the
WLAN, the module forwards its traffic in VLAN 10. When user A connects to the
WLAN, the authentication server sends users’ VLAN assignment, and the module
forwards user As traffic in VLAN 20. (See Figure 4-48.)
Figure 4-48. WLAN Versus Identity-Based VLAN Assignment