Security

last person joined: an hour ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

CPPM Extract vlanid from username for testing different subnets

  • 1.  CPPM Extract vlanid from username for testing different subnets

    Posted Oct 28, 2019 12:46 PM

    Hi, I'm looking for a solution to help in testing different subnets/VRFs in my network without having to setup multiple SSIDs or change the vlan assigned to the SSID all the time and not to have to create tons of user accounts.

     

    What I'd like to do is have a test SSID that depending on the username suffix could re-direct the user into that vlan, example:

     

    testvlanuser@domain.com+201

     

    If we could extract that 201 from the end of the username, then we could  send it back to the controller as a variable for the derrived vlan.

     

    Does anyone know how this could be accomplished in CPPM?

     

    Thanks!



  • 2.  RE: CPPM Extract vlanid from username for testing different subnets

    Posted Oct 28, 2019 02:25 PM

    What is your authentication source?

    If you are using local users in CPPM, you can add a variable, in example VLAN to the user.

    In the enforcement you can push this variable as dynamic VLAN attribute..