Dynamic VLANs
Navigate to Identities :: Groups
Notice that there is already an IP Group for the vSZ. It was created automatically when we created the infrastructure device.
Create a Management IP Group
Click Create New in the IP Groups scaffold.
| Field | Value |
|---|---|
| Name | Management |
| Priority | 8 |
| Addresses | Management LAN |
Navigate to Policies :: Captive Portals
Create the Management Policy
Notice there is already a Lab vSZ policy, which was created when the infrastructure device was created.
Click Create New in the Policies scaffold. This policy will be added to the RADIUS server ACL in the next step.
| Field | Value |
|---|---|
| Name | Management |
| IP Groups | Management |
Navigate to Services :: RADIUS
Edit the Default RADIUS Server Options
Click Edit in the Default record of the RADIUS Server Options scaffold.
Enable the Management policy. Notice that the Lab vSZ Policy was added automatically at creation.
Click Update.
Create a New RADIUS Server Realm
Click Create New in the RADIUS Server Realm scaffold.
| Field | Value |
|---|---|
| Name | Customer Assignment |
| Policies | None selected |
| Attribute Patterns | |
| Priority | 0 |
| Attribute | Called-Station-ID |
| Pattern | lab01-customer |
| Sharing | Per-Device |
| VLANs | Customer VLAN 1100 |
| Reuse | Checked |
| Infrastructure Devices | Lab vSZ |
| Respone Attributes | Tunnel-Type: VLAN |
Tunnel-Medium-Type: IEEE-802 Tunnel-Private-Group-ID: %vlan_tag_assignment.tag% |
Final result
CONFIGURE CONTROLLER FOR DVLAN
Create AAA Server
