07-08-2012 07:02 PM
Hi, I have a green fields ClearPass Policy Manager install and an existing Aruba WLAN that needs better security all round. ClearPass will be introducing 802.1X/EAPTLS/RADIUS and the existing ArubaOS needs better user role definition around employee types that have different VLAN separation and firewall policies.
Reading through the manuals its "seems" like I have two choices with creating roles as both policy manager and controller which leads me to the questions:
1. Which is best to use?
2. Can I use both together for wireless access?- for example combine:
a. AD wireless group/department group member using Policy Manager along with
b. A role in controller
Solved! Go to Solution.
07-08-2012 07:12 PM
Roles created on the CPPM are communicated to the Controller for policy implementation. So you need the same roles in both places...
The roles on the CPPM are a result of authentication workflows and rule-sets, and the roles reside on the controller to actually-carry-out the seperation and security aspects (be they policies, or yes VLANs too) -after- CPPM roles have been derived for each user/device/user-device combination.