Security

Reply
Contributor II

Security > Authentication > Servers/server rules

(OS 6.5)

Hi all,

we have a situation and I was wondering if any of you had use that set up before.

We basically go for a single SSID and will do roles and vlans assignation based on a AD attribute. (condition based on a filter_id)

 

In the server rules section, you can set a role or set a vlan.

Have you ever tried to condimbed the 2 before ?

for ex filter_id X will have role A and be on vlan 100

while filter_id Y will have role B and on vlan 200

 

We don't have the chance to be able to test it. As it is prod I prefer to ask first.

I am so used to firewall rule that , once hit , it stops .. my concern is that it would hit the role  and stop instead of going to the next rule that it is the vlan

 

Thanks.

 

Guru Elite

Re: Security > Authentication > Servers/server rules

Just curious, why aren't you using VLAN names and returning the name directly from your RADIUS server in the VSA?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II

Re: Security > Authentication > Servers/server rules

I honestly didn’t know about that option .if you think it’s the most appropriate, I ll look at it
Thanks
Highlighted
Guru Elite

Re: Security > Authentication > Servers/server rules

Definitely a cleaner way (and way less stuff to maintain). It's also a best practice.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II

Re: Security > Authentication > Servers/server rules

Thanks for your help!
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: