customer have one SSID for staff we put this VAP in a vlan "1"
the staff is from defferebt department like "IT,HR,Markiting'
every department could access defferent systmes in the network
how could we make this requirment note that we are in Version 22.214.171.124
Are you currently blocking people in different departments from accessing certain parts of the network when they login to their wired PCs? If yes, how? That will determine how much we can use what you are doing now to enforce those policies.
If you are not blocking, you would typically configure roles in the controller for each department that have ACLs that allow or block traffic. You would then return a radius attribute assigning users that role when they login.
NO,all user will be wireless user but we want defference between the user that connect the same SSID "Staff' in vlan "1"
user connect to staff and this user in IT can access more systmesuser connect to staff and this user in HR can not acces spacific system
we make LDAP authentication
we have not PEF licenses or ClearPass
You cannot do it without a PEF license, because EDIT that would you need PEF to create roles to treat users different.
we can not make any authorization between cntr and LDAP ?
You can, BUT you cannot treat any authenticated users differently without the Policy Enforcment License.
Could you share with me how authorization between them without PEF
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.