Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

setting a role per wired port / tunnel?

This thread has been viewed 1 times

  • 1.  setting a role per wired port / tunnel?

    MVP
    Posted Sep 13, 2012 08:26 AM

    Is it at all possible to set different roles on incoming gre tunnels?

     

    We've got several devices tunneling guest-traffic back to the central controller.

    One of the tunnels carries guest-traffic where another carries byod-traffic.

     

    I've set the aaa wired profile to a guest-logon so the guests get redirected to a captive portal but the byod users should be given a different role. Ideally I would be able to simply set different roles to different ports or tunnels but this does not seem the case?

     

    It there any 'clean' way to solve this or will I have to go figure out whether user derivation rules and dhcp option 77 (the only option I can think that doesn't require a lot of 'maintenance') is a possibility?

    edit: mm dhcp option 77 doesn't seem to be a sollution either. :smileymad:



  • 2.  RE: setting a role per wired port / tunnel?
    Best Answer

    Posted Sep 13, 2012 02:13 PM

    You can if you are using different vlans for each tunnel. You can apply the aaa profile right on the vlan itself. For this to go into effect you will need to have the tunnel in your dmz set to the untrusted port. I think this was added in AOS 6.x code when we started tunneling traffic from our LAN switches running tunneled node.

     

    vlan 192 wired aaa-profile "guest-wired-profile"