Why Vlan is not assigned correctly when operator type is set as "equals" in Tunnel-Private-Group-Id in CPPM server?
The cause of this issue is if radius server is CPPM, it will return tag and Tunnel-Private-Group-Id value which is causing it.
it doesn't match derivation rules when operator type is set to "equals".
CPPM return result from captures:
AVP: l=7 t=Tunnel-Private-Group-Id(81) Tag=0x01: v200
Free-radius and win2008 radius server return results:
AVP: l=6 t=Tunnel-Private-Group-Id(81): v200
The work around is to tweak the tag value to zero. Below is the steps to tweak the value.
Enable the Avenda dictionary in Admin -> Radius -> Dictionary -> Avenada -> Enable.
then in the enforcement policy, also add RADIUS:Avenda:Avenda-tag-Id => 0 which will set the tag value to 0x00 and then AOS/IAP should be able to parse out the integer correctly.