Read a few topics here and still not quite able to get what I need working.
I have Clearpass joined to AD and an 802.1X network authenticating via AD just fine.
I have a mac_create.php portal where I can register a device and assign a role. Device goes into the Managed Devices. If I Mac auth this device the authorization attributes come through.
What I'm trying to get to happen is a VLAN or role specification based on, I don't really care who the user who authenticates is, as long as they authenticate successfully, but then check the connecting device's MAC Address against the device repository for the device's appropriate role.
I get a successful 802.1X user authentication but access tracker never shows the device's authz attributes, I assume because i'm authenticating a user not the device. Not really sure where I'm going wrong.
I've tried using both AD and the guest device repository as authentication sources, but having the guest device repository in there seems to break my user auth, and having guest user, or guest device, or any of thsoe in authorization, again, i'm not pulling the device's authorization info during the auth.
This is in an MM Based AOS 8 environment.
Yes I've added Guest Device Repo as both authen and as authorization separately.
See attached images; under the access tracker under input, the guest device repository does not show attributes
I could've sworn I'd tried that. I'm wondering, though, why the information would not have shown up in access tracker under input having had the guest device repository listed? I would have thought I would have at least seen potential authorization information that I could've gleaned appropriate config parameters from. Is that incorrect?
The [Guest Roles] role mapping should be (GuestUser:Role ID EQUALS "role id") but when you define it in your 802.1X role mapping , you will need to use (Authorization:[Guest Device Repository]:Device Role ID EQUALS "role id")
See below :
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.