In this video, we implement role-based access. In the videos up to now, we made it possible to authenticate with an IOS device and Windows device to the WPA2 Enterprise SSID (corp-1). Now we will setup ClearPass to differentiate access based on the AD group membership and device type (AD-corporate or non-AD). We will see the ClearPass roles (labels/tags collected during authentication) being to return the correct RADIUS attributes to the Instant AP to assign an Aruba network role. The contractor cannot access the intranet, while the admin can.
This video is part of the Aruba ClearPass Workshop series.