11-12-2025 11:07 AM
Hi everyone,
I want to take advantage of pushing Policy Role (and only this) to XIQ Controller upon authentication.
My idea is :
I have noticed that, after Policy Enforce, VLAN (configured in XIQ SE/ExtremeControl in "Policy > Roles" menu) are pushed to XIQ Controller in "Bridged@AC" mode.
As expected, there was issue when testing 😄
Is there a way to have these VLAN being pushed with "Bridged@AP" mode ?
Kind regards,
Monday - last edited Monday
The system doesn’t automatically switch to Bridged@AP just based on role assignment. To get Bridged@AP working, you usually need to define VLAN behavior directly in the SSID or AP profile so the AP takes control. Also check if any RADIUS attributes Morse Code Translator or controller policies are overriding what you’re trying to enforce from ExtremeControl.
Monday
Hi, your approach makes sense but in ExtremeCloud IQ the VLAN assignment is usually controlled by the forwarding mode, not just the policy role. In many cases the VLAN will still land in Bridged @ AC unless it’s defined directly at the SSID or AP template level. You might want to check if the AP profile allows VLAN override from RADIUS. That usually solves the mismatch in Bridged@AP behavior.
11-13-2025 08:57 AM
Are you using Filter-ID=<role name> to push the role (which should have a topology mapping)
11-13-2025 09:02 AM
Hi,
Yes. The preview shows me this :
Filter-Id=Enterasys:version=1:policy=<role_name>Kind regards,