I need your help please ;-)
I have a vWLC (version 220.127.116.11).
I have configured an interface called office10 172.19.19.0 /24 (this is my office network)
My management network is 192.168.200.0 /24 (for all APs)
I configured a network called "NormalOffice" with an interface/interfaceGroup "office10"(office network) and an preshared key.
Now when the clients connect to this network with the preshared key they get an ip address from my dhcp server from the network 172.19.19.X.
Great it is working as it should.
Now I want to set-up a wireless network with an authentication from my Radius server:
I followed this instructions from here to set-up a radius server: http://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/115988-nps-wlc-config-000.html
I configured a Radius server on WINServer2012R2. Installed certificate, configured NPS like in the tutorial above.
Now on the vWLC I created a second wireless network called "RadiusOffice". Made the same settings like in the tutorial.
Layer 2 security: WPA + WPA2 plus authentication 802.1X. Interface group is also set to office10 like in my first network (NormalOffice)
The problem is now when the clients connect I get an ip address from my management network (192.168.200.X) and not from my office network.
1. What do I have to configure that my clients get a office ip address and not an ip from my management network?
2. What I don`t understand from the tutorial is, that he configures the wireless network to Layer2 security WPA+WPA2 plus authentication
802.1X. But why doesn`t he only change the Layer2 security to 802.1X?
Thank you for your help
//Edit in Windows Server NPS Policy I also configured the VLAN attributes for the cisco wlc, but my clients get still an ip address from the same network of my access points.
I got the information that I need FlexConnect groups.
I made one but here are some pictures, I think than it is easier to see what I did:
Edited by Paul279, 03 August 2015 - 09:08 AM.