Security

Reply
Occasional Contributor II

Policy Manager -> Role Mapping -> Connection -> AP-mac -> "Belongs To List"

I'm looking to create a role-mapping policy that will match on a list of AP mac addresses so that I can perform CoA on them.  What I have right now is this...

 

Screen Shot 2016-04-06 at 12.58.26 PM.png

 

Is there any way to use an operator/value pair that would call something like a MAC address "host" list so I wouldn't need to enter all of the AP MAC addresses into the role mapping policy?

 

 

Joseph Slawinski :: Mobility Architect
CCNP, ACMP, ACCP, CWNA
Guru Elite

Re: Policy Manager -> Role Mapping -> Connection -> AP-mac -> "Belongs To List&quot

It would be "belongs_to_group" is what you are looking for:

 

belongs-to-group.png

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Guru Elite

Re: Policy Manager -> Role Mapping -> Connection -> AP-mac -> "Belongs To List"

<removed, already answered>


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Policy Manager -> Role Mapping -> Connection -> AP-mac -> "Belongs To List&quot

Ok, I see.  So when I choose Connection:AP-mac, the "belongs_to_group" statement does not exist.  When I change it to Called-Station-Id, it then shows up as an option.

 

Both of these options in the RADIUS request would yield the same information so this works for me!

 

Thank you very much for your assistance!

Joseph Slawinski :: Mobility Architect
CCNP, ACMP, ACCP, CWNA
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: