Wireless Access

last person joined: an hour ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Aruba Internal DB Question

This thread has been viewed 5 times

  • 1.  Aruba Internal DB Question

    Posted Jul 21, 2015 08:16 AM

    Hi,

    i have a Lab running a 3600 and two AP105 with 6.4.x. Now i have created a AP Group with a SSID and that vap_prof uses the internal DB for Users with aaa_prof. So far so fine - If my user exist i become authenticated. Now i wanna configure a Rule set to a new "Role" and i've added the user in the local DB to this role but as the AAA Profile says in the SSID the user become authenticated the role never works. If i change the aaa_prof to my new Role it worked but not only for this user - for all instead. So i dunno currently how to get the interal DB Role running with a AAA profile. Do someone running this scenario ? I've only tested this with Server derivation Rule and a extern Radius which assign the rolename.

     

    Thanks for Feedback



  • 2.  RE: Aruba Internal DB Question
    Best Answer

    EMPLOYEE
    Posted Jul 21, 2015 08:22 AM

    In your AAA profile, make sure you are using the default server group and that the default server group has the "set role condition..." rule attached to it.  The "set role condition role value-of" is the rule that says, return the role that the internal user has defined.  If you are using a server group without that rule present for authentication, it will only return the default role for that AAA profile.

     

    aaa server-group "default"
 auth-server Internal
 set role condition role value-of


  • 3.  RE: Aruba Internal DB Question

    Posted Jul 21, 2015 10:11 AM

    Thanks for Feedback. I was using a different profile because i used a wizard before :-) So there was no Rule inside and that was the fault.

     

    Many Thanks!