Is that AOS8 with Mobility Conductor?
Regardless the details, probably the use of Named VLANs is one answer that can work. Always return the VLAN name, then on controller level or group level associate a different VLAN id to the same VLAN name.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your HPE Aruba Networking partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact HPE Aruba Networking TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or HPE Aruba Networking.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Apr 29, 2026 10:49 PM
From: anunley@layer3com.com
Subject: Different VLAN-IDs per AP Group
Hello,
I have a scenario where I have APs seperated per campus by AP Groups. There are 5 total AP Groups that are separated geographically (so I don't anticipate roaming issues). I have 1 ssid that is used on all campuses and clearpass passing back the aruba-user-role attribute. My confusion is how to setup the logic to have the controller assign different vlan-ids based on which AP group the client is located. This will be setup as bridged mode so I need a way to assign the roles different subnets based on location.
I know I could probably have the logic in Clearpass to send back a vlan-id with a role but I am wondering if there is a better way to do that on the controllers and keeping Clearpass for identity only instead of identity and location.
Any help would be greatly appreciated on this.
Thanks,
-------------------------------------------