Why Vlan is not assigned correctly when operator type is set as "equals" in Tunnel-Private-Group-Id in CPPM server?
The cause of this issue is if radius server is CPPM, it will return tag and Tunnel-Private-Group-Id value which is causing it.
it doesn't match derivation rules when operator type is set to "equals".
CPPM return result from captures:
AVP: l=7 t=Tunnel-Private-Group-Id(81) Tag=0x01: v200
Free-radius and win2008 radius server return results:
AVP: l=6 t=Tunnel-Private-Group-Id(81): v200
The work around is to tweak the tag value to zero. Below is the steps to tweak the value.
Enable the Avenda dictionary in Admin -> Radius -> Dictionary -> Avenada -> Enable.
then in the enforcement policy, also add RADIUS:Avenda:Avenda-tag-Id => 0 which will set the tag value to 0x00 and then AOS/IAP should be able to parse out the integer correctly.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.