last person joined: 2 hours ago 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.

Attributes from switch in tunneled node

  • 1.  Attributes from switch in tunneled node

    Posted Nov 28, 2017 08:21 AM



    Running 2930F 16.02 in PerPortTunneledNode to 8.1 (soon 8.2) controllers with .1x machine authentication in Clearpass 6.6.8.


    The CPPM is to assign a VLAN to the computers. The problem is that we have to assign a different VLAN based on which switch (site) the computer is connected to. 

    But the only data from the swtiches that Clearpass picks up is Aruba-Port-ID containing its IP and MAC, and we have the same management-vlan for all the switches. I don't want to configure one role assigment rule per switch.

    Is there a way to configure a RADIUS attribute (VSA) in the switches that Clearpass can make rules on? So all switches on site A sends attribute X that Clearpass can make rules on.