Currently, users are authenticated with AD via a Bradford device. The Bradford sets the dynamic vlan on the clients based on the Security Group they are a member of in AD. The bradford is no longer supported and I am trying to get rid of it from the network.
AP management is untagged using Vlan 18, while the client vlans (2, 4 and 6) are tagged to the AP ports.
I have a network policy in NPS for my Eng users which use Vlan 2:
Framed- Protocol - PPP
Service-Type - Framed
Tunnel-Medium-Type - 802
Tunnel-Type - Virtual LANs
Tunne-PVT-group-ID 2
Tunnel-Assignment-ID - 2
Custom
Vender-Specific
Vender Code: 25053
Attribute Number 1
Format: String
Attribute Value : CORP
The CORP role is configured on the Zone Director, however my client is always in Default, even with sending the CORP attribute.
I've confirmed my network configuration is correct by entering each vlan into the VLAN ID box on the WLAN. When I connect with Vlan 2 set, I get an IP in that Vlan, etc.
With Dynamic VLAN checked, and Vlan 1 in the VLAN ID box, I receive an IP in the AP management range, not in the proper vlan.
I'm running a pair of ZD1100s with Smart Redundancy on 9.8 build 373
Any assistance would be greatly appreciated,
Joe
