Cisco Systems 3.2 Manuale Utente

The identity-based networking feature uses authentication, authorization, and accounting (AAA) 
override. When the following vendor-specific attributes are present in the RADIUS access accept 
message, the values override those present in the wireless LAN profile:

QoS level 

802.1p value 

VLAN interface name 

Access control list (ACL) name

In this release, support is being added for the AAA server to return the VLAN number or name using the 
standard “RADIUS assigned VLAN name/number” feature defined in IETF RFC 2868 (RADIUS 
Attributes for Tunnel Protocol Support). To assign a wireless client to a particular VLAN, the AAA 
server sends the following attributes to the controller in the access accept message:

IETF 64 (Tunnel Type): VLAN 

IETF 65 (Tunnel Medium Type): 802 

IETF 81 (Tunnel Private Group ID): VLAN # or VLAN Name String

This enables Cisco Secure ACS to communicate a VLAN change that may be a result of a posture 
analysis. Benefits of this new feature include:

Integration with Cisco Secure ACS reduces installation and setup time 

Cisco Secure ACS operates smoothly across both wired and wireless networks

This feature supports 2000, 4100, and 4400 series controllers and 1000, 1130, 1200 and 1500 series 
lightweight access points.

The Cisco Wireless LAN Solution operator can upload and download operating system code, 
configuration, and certificate files to and from a Cisco Wireless LAN Controller using CLI commands, 
Web User Interface commands, or Cisco WCS. 

To use CLI commands, refer to the 

.

To use Cisco WCS to upgrade software, refer to the Cisco Wireless Control System Configuration 
Guide. Click this URL to browse to this document: