Security

Reply
Occasional Contributor I
Posts: 9
Registered: ‎04-10-2012

AAAServer rule


aaa server-group "POC-RADIUS-Group-2"
auth-server IITB_RADIUS
set vlan condition Filter-Id contains "CC" set-value 20 set vlan condition Filter-Id contains "CHE" set-value 30
set vlan condition Filter-Id contains "CSE" set-value 40


aaa server-group "POC-RADIUS-Group-2"
auth-server IITB_RADIUS set vlan condition Callback-Id contains "CC" set-value 20 set vlan condition Callback-Id contains "CHE" set-value 30
set vlan condition Callback-Id contains "CSE" set-value 40

but in both the Scenario user connect vlan configured in VAP Instead of server rule vlan.

requesting help us configure server rule

Regards,

Jayesh

Aruba
Posts: 1,642
Registered: ‎04-13-2009

Re: AAAServer rule

What platform is your RADIUS server running on?   Have you double checked its configure to ensure it is ending the right attribut back to the controller?

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Aruba
Posts: 760
Registered: ‎05-31-2007

Re: AAAServer rule

Recommend:

 

a) look at Radius logs (if you are using ClearPass, look at Access Tracker) to determine whats coming up and going back to the Controller

 

b) turn on radius/aaa debug on the controller and watch the transaction.  Role derivation will be visible there.(or lack thereof)

 

JF

Search Airheads
Showing results for 
Search instead for 
Did you mean: