Security

Reply
Frequent Contributor II
Posts: 153
Registered: ‎04-17-2013

User mac auth with respective AP name

Hi,

 

I have setup of Aruba 7210 controller, CPPM (As a radius), Windows AD 2008 & AP 225

 

I want to do user mac. authentication with respectiv AP name. AP is in bridge mode.

I.e. If Branch office1 user trying to authenticate then he should get access.

If Branch office1 user went to other branch and trying to get wireless access then him should not get access.

 

Thanks...

 

Guru Elite
Posts: 7,852
Registered: ‎09-08-2010

Re: User mac auth with respective AP name

Where is the authorization data stored?


Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Frequent Contributor II
Posts: 153
Registered: ‎04-17-2013

Re: User mac auth with respective AP name

For user authentication require user credential + mac. ID

User account is in Windows AD & mac. will be on CPPM.

I believe i will hv to create static host entry with respective AP user & enforcement profile.

But not exactly clicked..

Guru Elite
Posts: 7,852
Registered: ‎09-08-2010

Re: User mac auth with respective AP name

So you're going to manually maintain the MAC addresses in ClearPass?


Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Frequent Contributor II
Posts: 153
Registered: ‎04-17-2013

Re: User mac auth with respective AP name

yes..

Guru Elite
Posts: 7,852
Registered: ‎09-08-2010

Re: User mac auth with respective AP name

Try something like this.


First create a custom Endpoint attribute. (Administration > Attributes > Add)

That will be the name of the AP that you manually add.

 

ENDPOINT_ALLOWED-LOCATION.PNG

 

Then in your enforcement policy:

 

ENDPOINT_ALLOWED-LOCATION-enf.png


Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Search Airheads
Showing results for 
Search instead for 
Did you mean: