Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Best practice for multi-use ports and VLAN's

This thread has been viewed 0 times

  • 1.  Best practice for multi-use ports and VLAN's

    Posted Jul 17, 2018 04:01 PM

    I am sure this has been done before and is possible but I am unsure of what is the best way to configure it or where I can get the configure. The scenario is for wired ports on a edge switch, user with windows laptops have 802.1x through GPO, while Phones and Printers can be used on the ports.

     

     

    I want to configure all ports the same so IMAC doesn't require port configs

     

    When a phone is plugged in, it will fail 802.1x but be in the Clearpass MAB and the VLAN changed phone VLAN X tagged and untagged Data VLAN Y

    When a printer is plugged in, it will fail 802.1x and MAB list will send Printer VLAN Z

    When a laptop is plugged in, it will pass 802.1x and VLAN A Corp Network assigned.

     

     

    How would i best configure this, configure the port for the phone, and on clearpass enforcement policy assign a VLAN for the printer and Corp?

     

    Thanks

     



  • 2.  RE: Best practice for multi-use ports and VLAN's

    EMPLOYEE
    Posted Jul 17, 2018 04:02 PM
    Did you read the ClearPass Solution Guide for Wired Policy Enforcement? Colorless ports are covered in great detail.


  • 3.  RE: Best practice for multi-use ports and VLAN's

    Posted Jul 17, 2018 04:49 PM

    Thanks Tim,

     

    I hadn't but I will