VLAN Grouping feature provides distribution of clients across the VLANs in the box to reduce the broadcast domain of secure clients. This feature enables allocating a VLAN from a preconfigured list of pool, thus reducing the need for administrators to load balance the network.
VLAN group leverages the existing standard attribute Tunnel-Group-Private-ID(81).
This standard attribute is overloaded to be interpreted as VLAN group name, if the VLAN name doesn't exist on the switch with that name.Required Configuration on AOS-CX:Required Configuration on Clearpass/AAA server:Verification and validationBelow is output contains one dot1x and one mac-auth client, associated vlan pool will distribute vlan upon successful authentication. Required Packet Capture for dot1x client1. Access-request2. Access-challenge3. Access-request4. Access-AcceptPacket Capture for mac-auth client 1. Access-request2. Access-acceptPlease feel free to download AOS-CX 10.7 image and give a try.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.