Security

Reply
Occasional Contributor II

Best practice for multi-use ports and VLAN's

I am sure this has been done before and is possible but I am unsure of what is the best way to configure it or where I can get the configure. The scenario is for wired ports on a edge switch, user with windows laptops have 802.1x through GPO, while Phones and Printers can be used on the ports.

 

 

I want to configure all ports the same so IMAC doesn't require port configs

 

When a phone is plugged in, it will fail 802.1x but be in the Clearpass MAB and the VLAN changed phone VLAN X tagged and untagged Data VLAN Y

When a printer is plugged in, it will fail 802.1x and MAB list will send Printer VLAN Z

When a laptop is plugged in, it will pass 802.1x and VLAN A Corp Network assigned.

 

 

How would i best configure this, configure the port for the phone, and on clearpass enforcement policy assign a VLAN for the printer and Corp?

 

Thanks

 

Guru Elite

Re: Best practice for multi-use ports and VLAN's

Did you read the ClearPass Solution Guide for Wired Policy Enforcement? Colorless ports are covered in great detail.

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Best practice for multi-use ports and VLAN's

Thanks Tim,

 

I hadn't but I will

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: