Hi all,
We recently just acquired Aruba APs, Mobility Controller and Clearpass. Basically, what I want to do is to have a single SSID, with 2 roles. i.e ROLE1 will have access to internet and LAN, and ROLE2 will have access to internet only.
My target are: for users to be under ROLE1, it should be able to authenticate using his AD credentials even if the device is not logged in to the domain, but it should also authenticate via MAC repository ( i'm planning to just manually add our devices' MAC addresses in the repository ). Users that will only have AD credentials but MAC is not registered in the repository should be under ROLE2. Is that something that is attainable? or is there a more logical and simplier way to do it. This is actually for our BYOD devices since we don't have license for onboard.
BTW, I also have another SSID wherein users that can access are only the ones that are already logged in to the domain.
I'd really appreciate any help that I can get.
Thanks!
-BeeJ aruba noob