Here’s how to get AAA Override working on a Cisco WLC using FreeRadius backed with MySQL:
- Enable AAA Override on the WLAN on the WLC
- Create a Dynamic Interface on the WLC with a vLAN and IP address
- Add the following to the
radreplyMySQL table:
| id | username | attribute | op | value |
| n | username | Tunnel-Type | = | VLAN |
| n | username | Tunnel-Medium-Type | = | IEEE-802 |
| n | username | Tunnel-Private-Group-Id | = | vlanId |
The NAS (WLC) will receive these parameters in the Radius reply packet when user username authenticates and will place the user on the interface with the corresponding vLAN.