All Topics » Pulse Policy Secure

UAC + WLC + detect SSID

Contributor (11)
Jul 8, 2014 2:28am



IÍm setting up a new WLAN with a WLC880R and an IC 4500.


I've 3 SSIDs:


SSID A: Local LAN on the Switch (no vlan ID)

SSID B: Local VLAN on the Switch (id: 1000)

SSID C: Tunnel to WLC with local LAN and Sign-In Page on the WLC


The Network basic Setup is working (Sign-IN Page with local User on the WLC, connecting to the right VLAN based on the SSID. The SSID is protected by WPA-PSK for testing)


SSIDs A and B should be authenticated against an AD via UAC.

A with Username+Password (+ certificate)

B with Username+Password


SSID C against a local Database on the UAC.


Can I identify the on the UAC from witch SSID the user tries to connect to WLAN?

With this information, it should be possible to write 3 different rule-sets?

Is this scenario possible?




Contributor (11)
Jul 8, 2014 2:34am

Hello Sebastian


Yes your requirement should be possible.

Typically, SSID is sent from WLC using radius attribute Called-Station-ID.


You need create radius request attribute policy and match above said attribute for realm selection.

Based on ream selection you could assign authentication database.

Hope this helps!




Contributor (11)
Jul 8, 2014 8:28pm

Yes this is possible and I have seen this working in many sites


You need to have Radius attribute request policies configured for each SSID and enable this request policues under respective relams under Authentication Policy section  where we have authentication server and role mapping rules also enabled.


You can  access the below URL;s to understand more on 

RADIUS Request Attribute Policies &  Using RADIUS Attributes in Access Policies


Hope this helps,