Campus Switching and Routing

Reply
Occasional Contributor I

MAB on aruba/HPE switch

Hi,

 

I'm trying to get MAB to work on the switch running 16.03 version with ClearPass. I've done it many many times with cisco switches but I'm no clear on what configs are required on aruba switches. I've used the aes solution but still no luck.

Researched old HPE documentation and here is how a port is configured:

 

 

Global config on the switch

radius-server host 10.55.55.5 key "xxxx"
radius-server host 10.55.55.5 dyn-authorization

aaa port-access authenticator B9

aaa port-access mac-base B9

aaa port-access B9

aaa port-access B9 mixed

 

 

interface B9
   untagged vlan 499
   aaa port-access authenticator
   aaa port-access authenticator client-limit 5
   aaa port-access mac-based
   spanning-tree admin-edge-port
   spanning-tree bpdu-protection
   exit

 

 

 

Vlan 499 has an interface ip with a helper address of my clearpass for profiling (which is working fine).

 

My service has profiling enabled on it with [HPE bounce-host-port] as an action. The problem here is that the bounce host port take place but PoE is still there and the VoIP phone does not loos power. They still on the port with DHCP timed out.

 

Anyways, has anyone done MAB for VoIP with these switches and ClearPass? am I on the right track?

 

Guru Elite

Re: MAB on aruba/HPE switch

Occasional Contributor I

Re: MAB on aruba/HPE switch

Thanks.

My phones gets profiled but I don't see the [HPE bounce-host-port] getting triggered.

If I send coa to a client laptop to bounce the port, it works fine. but through the policy it is not happening.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: