Security

Reply
Frequent Contributor I
Posts: 89
Registered: ‎10-27-2013

Clearpass assign multiple Private-Group-ID

Hi All

 

I have setup Clearpass to assign certain vlans to my users for smart devices.

The devices need to live in one of 3 vlans namely vlan 264,265 and 266 - however when the DHCP scope for vlan 265 (first specified Private Group-ID) is filled up it doesn't seem to go through to the next specified as in the attributes below and it uses random vlans that are configuredf on my controllers pool.

 

I tried using a single line private-group-id comma seperating the values but had no luck -   Is there a different way to get multiple vlans used?

 

 

Tunnel Private Group ID.jpg

Guru Elite
Posts: 8,639
Registered: ‎09-08-2010

Re: Clearpass assign multiple Private-Group-ID

Is this an Aruba controller?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 89
Registered: ‎10-27-2013

Re: Clearpass assign multiple Private-Group-ID

Hi

 

It is a Clearpass where I have these rules/attributes configured.

Guru Elite
Posts: 8,639
Registered: ‎09-08-2010

Re: Clearpass assign multiple Private-Group-ID

Yes but what network device is this being sent to? Aruba controller? Cisco controller?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 89
Registered: ‎10-27-2013

Re: Clearpass assign multiple Private-Group-ID

Oh sorry - it is sent to a Aruba Controller - AOS v 6.4.2.2

Guru Elite
Posts: 21,279
Registered: ‎03-29-2007

Re: Clearpass assign multiple Private-Group-ID

Hendrik,

 

If you are trying to send back VLANs to users, you should NOT use the tunnel attributes.  You should use an Aruba-Named-VLAN attribute, and define that VLAN name on your controller to achieve your goal.  Please see here:  http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Radius-assigned-IP-address-ignored/m-p/140867/highlight/true#M9962



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I
Posts: 89
Registered: ‎10-27-2013

Re: Clearpass assign multiple Private-Group-ID

Perfect - Thanks Collin - exactly what I needed. The pools make it so much easier - didn't know you could specify the Aruba-named-Vlan  :)

Search Airheads
Showing results for 
Search instead for 
Did you mean: