We are jsut starting to leverage Clearpass for authentication on our switches and I'm trying to find the right way to assign roles based on a combination of switch and port.
These are third party switches, and the best I've been able to figure out it to make individual role rule entries using the IETF-NAS-Identifier and IETF-NAS-Port. Since those are two seperate values I have to make individual entries for each pair.
For example, if I want to identify specific ports on our network allowed to service PCI related devices, I have to put in individual entries for each switch/port pair. Event if I could find a value that was the switch/port pair, that would make that a *lot* cleaner.
Am I missing something somewhere, is there a better way to do that? (I hope!)
That is an interesting idea, and I could probably manage the list externally via API. I'll experiment with that. Thanks!
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.