Campus Switching and Routing

Aruba Employee

AAA/NAC Comware v7 Feedback



Here some feedbacks with AAA/NAC features on Comware V7 (5130/5510HI/etc..)

Hope it will help !



Occasional Contributor II

Re: AAA/NAC Comware v7 Feedback

Hello Serge,


On page 15 there is a diagram with all the features.

I have 5510 switches and 5400. And for the 5400 i also use dynamic ACL.


On this page it says that on the 5130 and 5510 also dynamic ACL are supported.


Do you have an example of how to do this in clearpass for the 5510.


Already my thanks.

Aruba Employee

Re: AAA/NAC Comware v7 Feedback

You should use the standard Radius « Filter-Id » Attribute (11) 

And define the value as the ACL number you want to apply on the authenticated port.




Use the user-profile feature. In the case, set user-profile name as standard Radius Filter-id attribute (11)


User-profile test
     qos apply policy test inbound

acl number 3000
 rule 0 permit tcp source-port eq 21

traffic classifier classifier_1
if-match acl 3000

traffic behavior behavior_1
 filter deny

qos policy test
  classifier classifier_1 behavior behavior_1

User-profile test enable



Occasional Contributor II

Re: AAA/NAC Comware v7 Feedback

Thanks for the quick replay,


I will test it.


Good document by the way.


Keep it coming 

Search Airheads
Showing results for 
Search instead for 
Did you mean: