Wired Intelligent Edge

last person joined: 23 hours ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

Attributes from switch in tunneled node

This thread has been viewed 0 times

  • 1.  Attributes from switch in tunneled node

    Posted Nov 28, 2017 08:21 AM

    Hey!

     

    Running 2930F 16.02 in PerPortTunneledNode to 8.1 (soon 8.2) controllers with .1x machine authentication in Clearpass 6.6.8.

     

    The CPPM is to assign a VLAN to the computers. The problem is that we have to assign a different VLAN based on which switch (site) the computer is connected to. 

    But the only data from the swtiches that Clearpass picks up is Aruba-Port-ID containing its IP and MAC, and we have the same management-vlan for all the switches. I don't want to configure one role assigment rule per switch.

    Is there a way to configure a RADIUS attribute (VSA) in the switches that Clearpass can make rules on? So all switches on site A sends attribute X that Clearpass can make rules on.

     

    Regards

    Philip