Hi friend,
I can help you on this,
Here, for any authenticated user a role should be assigned and the user traffic will be controlled according to the policy( Firewall policy) mapped to that role.
In Aruba we can assign a role in 2 different ways,
1. Through AAA profile : dot1x default role
2. Through server ( Clearpass or any other server) generally called SDR or VSA
Priority will be given to SDR/VSA, if SDR is not configured, user will be mapped to the role configured in AAA profile ( dot1x Authentication default role)
If SDR is configure, authenticated user will be assigned a role returned by the server.
here server will return the role name ( can return VLAN also) and we should ensure that the role is defined in the controller ( to create customised roles controller should have PEFNG license installed)
we can configre SDR as shown under :
Here, as per the matching condition user will be assigned to a role ( or a VLAN)
How to create a roles and policies in Aruba controller :
Ways of assigning Role to an Authenticated user :
What is the flow of role assignment :
How to configure SDR ( Server derived Role ) :
Inorder to achieve the above, we should have configured the server properly and which is very similar to Cisco :)
Hope you got some Idea,
Please feelfree to come back if any further help needed on this.