03-30-2017 11:50 AM
I am trying to figure out dynamic VLAN assigning with IAP and Clearpass.
In Clearpass I can create a Serivce that enforces different VLANs based on the authentication and user, but then in IAP when I choose VLAN assignment Dynamic I have to make a rule based on some attribute from Clearpass and choose what VLAN that user goes in to.
So then I have configured the VLAN on two places. This doesn't seem right. Is it possible to only configure the VLAN assignment in Clearpass?
I guess the option is to have Clearpass enforce a role to the user and in IAP make a VLAN rule that say "if role = X, send to VLAN Y". But I rather do all that kind of config in Clearpass.
Wireless network engineer consultant| @phivil | ACMP ACCP
Solved! Go to Solution.
03-30-2017 11:55 AM
You would typically return the Aruba-User-Vlan radius attribute in your enforcement profile on ClearPass to set the VLAN for that user.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
03-30-2017 12:07 PM
03-30-2017 12:13 PM