Controller-less WLANs

How to configure “dhcp-option” and “dot1x-authentication-type” based role derivation on Aruba Instant APs?

Aruba Employee

This article explains the configuration of “dhcp-option” and “dot1x-authentication-type” based role derivation on Aruba Instant APs

 

IAP has supported role derivation for a long time, but only via radius attributes. However, with 6.1.3.4-3.1, we can now derive user roles based on “dhcp-option” as well as “dot1x-authentication type”.

When configuring role derivation rules based on radius attributes, DHCP option, and dot1x-authentication-type, the matching rule that appears first in the rule list takes precedence.  

 

 

Environment : This article applies to all the IAPs running a minimum OS version of 6.1.3.4-3.1.x.x.

 

rtaImage.png

 

Through CLI:

Creating the roles:

 

rtaImage (1).png

 

Creating Role derivation rules:

 

rtaImage (2).png

Version history
Revision #:
1 of 1
Last update:
‎07-03-2014 02:45 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: