Campus Switching and Routing

Reply
Contributor I

Attributes from switch in tunneled node

Hey!

 

Running 2930F 16.02 in PerPortTunneledNode to 8.1 (soon 8.2) controllers with .1x machine authentication in Clearpass 6.6.8.

 

The CPPM is to assign a VLAN to the computers. The problem is that we have to assign a different VLAN based on which switch (site) the computer is connected to. 

But the only data from the swtiches that Clearpass picks up is Aruba-Port-ID containing its IP and MAC, and we have the same management-vlan for all the switches. I don't want to configure one role assigment rule per switch.

Is there a way to configure a RADIUS attribute (VSA) in the switches that Clearpass can make rules on? So all switches on site A sends attribute X that Clearpass can make rules on.

 

Regards

Philip


Wireless network engineer consultant| @phivil | ACMP ACCP ACDX #759
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: