12-09-2013 08:38 AM
I am using Aruba 7200 controller & CPPM for my Wireless network. There are 14 branches connected over the MPLS network.
Aruba controller , CPPM & DHCP are located in Data center. Every branch has different IP address range. We have dot1x switches.
Now we want to achieve following requirement for wired network.
1) If the user & device is the part of domain then it should get that respective vlan IP address.
(How CPPM will identify requestor come from which branch & assign the IP address?)
2) How DHCP will provide IP address to user?
Kindly suggest me how can i achieve this requirement.
Thanks in advance,
Solved! Go to Solution.
12-09-2013 08:42 AM
You could do this by using NAS IP of the switch (incoming radius request)
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
12-09-2013 08:44 AM - edited 12-09-2013 08:47 AM
For the domain machines, you can use the built in [Machine Authenticated] role to assign a role. This role will automatically be assigned when a computer successfully machine authenticates to AD.
You can either assign the VLAN directly by returning it from ClearPass or tie a VLAN to a user role. Then the client will get an address in that subnet.
12-09-2013 07:06 PM
I will not create user group on CPPM cause if user went to other location branch then he should get that respective branch vlan IP address.
Ho can i achieve this?
12-09-2013 07:12 PM
12-09-2013 07:29 PM
12-12-2013 09:00 AM
I have configured service for Wired 802.1x with NAD IP Rule. I have got domain user request in "Access tracker" In request detail service, role & enforcement correctly getting.
On my hp switch radius authentication status - accept. I hv configured ip-hleper on router for DHCP server and CPPM. IP pool configured on DHCP server.
But still IP Address is not getting to domain user.
Kindly suggest the solution....