ArubaOS and Controllers

Reply
Occasional Contributor II

Policy to block Windows Users

I have a new requirement to be implemented and that being the windows users should not be allowed to associate with any Access point using 6.0 OS Finger printing feature. Has any one done this before? or if this is even possible?
Guru Elite

Re: Policy to block Windows Users

First, you would create a role called "block-role" which has a firewall policy blocking traffic. This role would be to place windows users into once they attach. Then you would create a user derivation rule that looks for the Windows DHCP option and then would move users into that role. Next, you would apply that user derivation rule to the AAA profile of the SSID you want to block users:

config t
aaa derivation-rules user Windows
set role condition dhcp-option starts-with "37010F03062C2E2F1" set value block-role
exit
aaa profile
user-derivation-rules Windows
exit
******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: