Filter
Top Products
Chapter 20 VLAN
NWA-3500/NWA-3550 User’s Guide
244
ZyXEL uses the following standard RADIUS attributes returned from Microsoft’s
IAS RADIUS service to place the wireless station into the correct VLAN:
The following occurs under Dynamic VLAN Assignment:
1 When you configure your wireless credentials, the NWA sends the information to
the IAS server using RADIUS protocol.
2 Authentication by the RADIUS server is successful.
3 The RADIUS server sends three attributes related to this feature.
4 The NWA compares these attributes with the VLAN screen mapping table.
4a If the Name, for example “VLAN 20” is found, the mapped VLAN ID is used.
4b If the Name is not found in the mapping table, the string in the Tunnel-
Private-Group-ID attribute is considered as a number ID format, for
example 2493. The range of the number ID (Name:string) is between 1 and
4094.
4c If a or b are not matched, the NWA uses the VLAN ID configured in the
WIRELESS VLAN screen and the wireless station. This VLAN ID is
independent and hence different to the ID in the VLAN screen.
20.5.3.1 Configuring VLAN Groups
To configure a VLAN group you must first define the VLAN Groups on the Active
Directory server and assign the user accounts to each VLAN Group.
1Using the Active Directory Users and Computers administrative tool, create the VLAN
Groups that will be used for each VLAN ID. One VLAN Group must be created for each
VLAN defined on the NWA. The VLAN Groups must be created as Global/Security groups.
1a Type a name for the VLAN Group that describes the VLAN Group’s function.
1b Select the Global Group scope parameter check box.
1c Select the Security Group type parameter check box.
Table 81 Standard RADIUS Attributes
ATTRIBUTE NAME TYPE VALUE
Tunnel-Type 064 13 (decimal) – VLAN
Tunnel-Medium-Type 065 6 (decimal) – 802
Tunnel-Private-Group-
ID
081 <vlan-name> (string) – either the Name you enter in
the NWA’s VLAN > RADIUS VLAN screen or the
number. See Figure 161 on page 251.