Security

Reply
Contributor I
Posts: 21
Registered: ‎10-27-2009

Vlan Pooling with Clearpass

I am trying to get all of my BYOD devices onto a pool of vlans.  I found the "Aruba-User-Vlan" attribute in the enforcement profile, however that only allows me to set one specific vlan number.  On the controller I can assign multiple vlans on a virtual ap profile, and that works well, so is there away to do it with clearpass?  Can I assign a virtual ap profile via clearpass enforcement profile?  I have looked but i can not find any option that will work the way I am trying to get it.

Guru Elite
Posts: 20,002
Registered: ‎03-29-2007

Re: Vlan Pooling with Clearpass

You cannot send back an attribute that will do pooling.  You could have a larger VLAN that those devices are assigned to and return that, if you need capacity.  Or, you can have CPPM just send back an accept and have those devices end up in the Pool from the Virtual AP and have your OTHER devices assigned to the single VLAN from a radius attribute.

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Contributor I
Posts: 21
Registered: ‎10-27-2009

Re: Vlan Pooling with Clearpass

Thanks cjoseph,  I had kind of figured as much, so I had started creating large vlans.  That will work perfectly for my needs.  Your reverse idea is clever also!  Thanks.

Aruba Employee
Posts: 3
Registered: ‎06-17-2013

Re: Vlan Pooling with Clearpass

Try sending VSA from ClearPass Radius:Aruba   Aruba-Named-Vlan  <vlan-pool-name>. Tried with AOS 6.4.0.3 and ClearPass 6.x and it worked.

Search Airheads
Showing results for 
Search instead for 
Did you mean: