Hi,
I am trying to figure out dynamic VLAN assigning with IAP and Clearpass.
In Clearpass I can create a Serivce that enforces different VLANs based on the authentication and user, but then in IAP when I choose VLAN assignment Dynamic I have to make a rule based on some attribute from Clearpass and choose what VLAN that user goes in to.
So then I have configured the VLAN on two places. This doesn't seem right. Is it possible to only configure the VLAN assignment in Clearpass?
I guess the option is to have Clearpass enforce a role to the user and in IAP make a VLAN rule that say "if role = X, send to VLAN Y". But I rather do all that kind of config in Clearpass.
Regards
Philip