Security

last person joined: 20 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Is it possible to get use the 'magicvlan' ID3333 to provide guests with a option 252 DHCP PAC?

This thread has been viewed 0 times

  • 1.  Is it possible to get use the 'magicvlan' ID3333 to provide guests with a option 252 DHCP PAC?

    Posted Feb 10, 2015 07:24 AM

    Hi

    I would like to use the default 'magicvlan' which is automatically set up when creating a 'guest' WLAN profile but I would like the internal DHCP to issue 'guests' on this SSID an option 252 proxy server address (10.10.xx.xx).  Is this possible using the CLI?

     

    If so could some one provide me with the commands?

     

    Thanks

     

     



  • 2.  RE: Is it possible to get use the 'magicvlan' ID3333 to provide guests with a option 252 DHCP PAC?
    Best Answer

    EMPLOYEE
    Posted Feb 10, 2015 02:46 PM

    This is not possible with the built in "virtual controller assigned" DHCP method.  There may be a workaround where you can create a VLAN with a local DHCP scope and then src nat all the traffic out of the VC. However, you would then be responsible for trunking the created VLAN ID on the LAN.  

     

    You're easier option is to use a VLAN on the LAN and a DHCP in the LAN as well to assign the option value...



  • 3.  RE: Is it possible to get use the 'magicvlan' ID3333 to provide guests with a option 252 DHCP PAC?

    Posted Feb 11, 2015 06:03 AM
    Many thanks for your reply. I was thinking the same thing. Regards David
    @SethFiermonti wrote:

    This is not possible with the built in "virtual controller assigned" DHCP method.  There may be a workaround where you can create a VLAN with a local DHCP scope and then src nat all the traffic out of the VC. However, you would then be responsible for trunking the created VLAN ID on the LAN.  

     

    You're easier option is to use a VLAN on the LAN and a DHCP in the LAN as well to assign the option value...