ArubaOS and Controllers

Occasional Contributor II

Policy to block Windows Users

I have a new requirement to be implemented and that being the windows users should not be allowed to associate with any Access point using 6.0 OS Finger printing feature. Has any one done this before? or if this is even possible?
Guru Elite

Re: Policy to block Windows Users

First, you would create a role called "block-role" which has a firewall policy blocking traffic. This role would be to place windows users into once they attach. Then you would create a user derivation rule that looks for the Windows DHCP option and then would move users into that role. Next, you would apply that user derivation rule to the AAA profile of the SSID you want to block users:

config t
aaa derivation-rules user Windows
set role condition dhcp-option starts-with "37010F03062C2E2F1" set value block-role
aaa profile
user-derivation-rules Windows

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: