FortiNAC
NOTE: FortiNAC is now named FortiNAC-F. For post-9.4 articles, see FortiNAC-F. FortiNAC is a zero-trust network access solution that provides users with enhanced visibility into the Internet of Things (IoT) devices on their enterprise networks.
FortiKoala
Staff
Article Id 191947
Description
VLANs Not Switching When Role is Manually Changed

Scope
Version:   Network Sentry 7 & 8
Solution


Issue: Host does not change VLANs after manually changing the Host or User role.  Policy Details in Host View show the correct Network Access Policy for the newly selected role, but the Host does not get switched to the new VLAN.  Switching from isolation to production works as expected.

This can occur if the format used in the Configuration for the Network Access Policy is not the same as what's reflected in the wireless controller/Access Point's Model Configuration.

Example:
Model Configuration lists names (staff, student, etc.).  This is the format read from the wireless controller/Access Point.
However, the Network Access Policy Configuration assigns VLAN IDs (70, 71, etc.).

Network Sentry will not try to switch a VLAN if it believes the currently assigned VLAN was not assigned by Network Sentry.  When a role is changed in a registered Host record, Network Sentry evaluates the Host.  If the format read from the controller/AP differs from the format in the Network Access Policy's Configuration, the logic can incorrectly conclude that the VLAN was manually configured.  Consequently, the VLAN will not be changed.


Solution:  When creating Network Access Configurations, always use the same VLAN format shown in the applicable controller/AP's Model Configuration.  This will avoid unexpected VLAN switching behavior.
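The format comparison described above can be checked offline before roles are changed. The script below is an added example, not Fortinet code: the data layout, device names and configuration names are constructed, and it assumes the Model Configuration values and the Network Access Configuration values have been copied out of the UI by hand.

```python
# Constructed sample data. The structure and names are assumptions for this
# example, not an export format of Network Sentry.
MODEL_CONFIG = {
    "wlc-campus": ["staff", "student", "guest"],  # controller reports names
    "ap-annex": ["70", "71", "99"],               # device reports VLAN IDs
}
ACCESS_CONFIGS = {
    "Staff Access": "70",
    "Student Access": "student",
    "Lab Access": "lab",
}


def value_format(value):
    """Classify one value as a numeric VLAN ID or a VLAN name."""
    return "id" if value.strip().isdigit() else "name"


def device_format(values):
    """Return 'id', 'name', or 'mixed' for a device's Model Configuration."""
    formats = {value_format(v) for v in values}
    return formats.pop() if len(formats) == 1 else "mixed"


def audit(model_config, access_configs):
    """List (device, config, value, problem) for every value the device
    would not recognise, separating format mismatches from unknown values."""
    findings = []
    for device, values in sorted(model_config.items()):
        known = {v.strip() for v in values}
        dev_fmt = device_format(values)
        for cfg, value in sorted(access_configs.items()):
            v = value.strip()
            if v in known:
                continue  # same format and present on the device
            if dev_fmt != "mixed" and value_format(v) != dev_fmt:
                problem = "format-mismatch"  # the case this article describes
            else:
                problem = "unknown-value"    # right format, not on the device
            findings.append((device, cfg, value, problem))
    return findings


if __name__ == "__main__":
    for device, cfg, value, problem in audit(MODEL_CONFIG, ACCESS_CONFIGS):
        print(f"{device}: '{cfg}' uses '{value}' -> {problem}")
```

A `format-mismatch` finding marks a configuration that should be rewritten in the format the device's Model Configuration shows.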

