01-08-2015 06:08 AM
I need a clarification for MAC authentication: Is it possible for CPPM to know a device's OS when using MAC authentication? There is no profiliing since there is no user authentication. The controllers ID's the devices properly but I can't get CPPM to use that information for role assignments.
I'm working with TAC but I'm not sure I've explained it correctly to them. I keep seeing ChromeOS in traces but they say they don't see it in the traces. CPPM does not indicate in the 'input' tab anything to indicate the OS of the device when using MAC authentication.
01-08-2015 06:27 AM
What you need to do is enabled to profile Endpoints:
Then at end of your profile add that if is not profiled to dumb it in "PROFILING VLAN or ROLE"
And then it will get CoA by the Profiler
Make sure you enabled CoA on the controller
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
01-08-2015 06:34 AM
You can set up a role map that uses the controller's profile. This can be beneficial if you don't want to wait for the device to profile and force them to reauth again.
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP