Amazingly enough, I ran into this exact scenario last night as I was>
testing RADIUS-assigned VLANs for the first time on an Aironet 1100. Setting up dummy ssid sections with the same settings as my primary ssid
(with the exception of the vlan) fixed this problem. ie:
[..]
I figured out that the problem of not association is a bug of the meetinghouse client! ARGH! I really like this piece of software, but this renders it nearly useless.. Anyway, I tried again with Funk's Odyssey client, and *tada* it worked perfectly! Even without the dummy-SSIDs. But when I enabled optional WPA support on my primary SSID, I got the every-10-seconds-reauthentication behaviour. This went away after adding dummy SSIDs as you described. So you can get away with one single SSIDs, as long as you aren't using WPA..And so on and so forth... Your clients will never associate with your secondary ssids, only your primary ssid. The ssid sections seem to be necessary, however, for clients to be placed on whatever VLANs your RADIUS server may place them on. I couldn't find any reference in the Cisco documentation specifically saying "You must have ssid sections for each VLAN you assign from RADIUS", but I did it on a hunch and it worked for me.
I'm now trying to find out what's wrong with the Aegis client - the Odyssey Client works perfectly but is sort of .. strange.
Thanks for your help, Arne
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html