Hello,

 I'm looking at setting up a small PoC in the office for dynamic VLAN assignment using 802.1x. I'd like to have  a switch whereby people can plug into any port and be dropped onto a different VLAN according to the credentials they entered. Most of the examples I've seen doing this use a wireless controller and\or a router.

 I'm wondering if I can do this with just a Cisco 2960 switch (supports dynamic vlans), a DC, DHCP server and an NPS server or if I need to get a Cisco or Ms Router setup as well?

Thanks

Hi Peter.Siffredi,

According to your description, you want to deploy dynamic VLAN assignment with NPS authentication.

As you have Cisco switch that supports dynamic vlans, it seems that we need to know if the switch support assigning the wireless LAN clients into a specific VLAN dynamically, or we still need a wireless LAN controller to support dynamically assignment. Maybe you can post your problem to Cisco forum for answer.

Besides, here are some reference about 802.1X authenticated wireless deployment:

https://technet.microsoft.com/en-us/library/Dd283093(v=WS.10).aspx

Best regards,

Anne he

Hi,

A 2960 will work. I have used a 2950 in the past with success. However you will need to create a network policy for each VLAN and you must configure the VLANs on the switch first. NPS will evaluate the connection request and if it matches your user account condition it will move the port to the appropriate VLAN based on the Tunnel-Pvt-Group-ID configured in the network policy.

-Greg