Our current 802.11 setup has a large number of SSIDs to segregate traffic by subnet. This isn't ideal, and I've been attempting to consolidate to a single SSID but use dynamic VLANs instead.
This is on a Ruckus Zonedirector 3000 and Microsoft NPS as the RADIUS server.
My test clients connect to the SSID, and are prompted for credentials. I can see the credentials accepted on the NPS server, and wireshark confirms the Access-Accept message contains the Tunnel-Private-Group-ID value for the desired VLAN.
At this point the client stalls trying to get a DHCP lease. The DHCP server is working, as these are existing scopes and subnets and I can connect a wired client into the switch on an access port for the same vlan and get a lease.
Wireshark shows no DHCP broadcast request from the client at all.
The switchport for the AP is a trunk, with the VLAN tagged and allowed.
Any assistance would be greatly appreciated! Rob