04-14-2015 09:22 AM
I have some Web enabled Media Devices, TVs and cameras, I want to put on my WiFi Network, separate from the regular SSID and the Guest Network. I am thinking I need to create a new SSID School-Media, hidden, and Roles, "Media Device", in the Aruba Controller.
Then create a Service and policies with enforcement in Clearpass to allow them the access just to the internet and keep everything\body else off that connection.
Having siad that I need help in the steps and order of things.
04-14-2015 09:28 AM
Why not just use the Guest SSID and add authorization/profiling to your MAC Caching service? Change the authentication method to Allow All MAC Auth, then return back the appropriate role for these devices. Remember to return a deny access profile by default, so that guests who have not logged in still get the default AAA role for the captive portal, not returning the Aruba Role for Captive Portal from CPPM Enforcement (this will also prevent ClearPass capacity from being consumed by devices that don't actually authenticate).
09-30-2016 11:11 AM
ecause I use guest registration and have firewall rules specifically for those users. These devices need their own Subnet and seperate rules. I can identify them faster. Back to my original request.
09-30-2016 11:35 AM
10-03-2016 08:20 AM
Can you recommend any documentation. The way my guest network is setup users can only maintain an IP for 8 hours. Then they must register again.
Maybe I can give more info on my goals here.
I have a new building with a new AV system. 2 tablets and a primary computer that manages all the routing (sound and video to and from all sources and outlets. I need to put them on my current networ, make sure the tablets have http\https ONLY access and the main system\computer interface is accessible from off campus via natting to an external IP. So I really only have 3 deivices that will have a hard coded IP in a yet to be selected sub net that will need special rules in clearpass and the firewall.
10-03-2016 08:25 AM