Wired Intelligent Edge

 View Only
last person joined: yesterday 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

Aruba CX ACLs with Clearpass

This thread has been viewed 20 times

  • 1.  Aruba CX ACLs with Clearpass

    Posted Mar 20, 2024 02:05 PM

    Hello everyone

    I was wondering if I could download the Aruba CX switches ACL with RADIUS IETF NAS-Filter-Rule just like I do with Aruba OS?

    Also, I wonder if the Sintaxys I was using with Cisco with the downloadable ACL will work for example this one

    permit ip any host x.x.x.x
    permit ip any host y.y.y.y.y
    deny ip any 10.0.0.0 0.255.255.255

    Permit IP any any 

    Thanks



  • 2.  RE: Aruba CX ACLs with Clearpass

    EMPLOYEE
    Posted Mar 24, 2024 02:52 AM

    see if this works

    NAS-Filter-Rule = permit in ip from any to x.x.x.x

    NAS-Filter-Rule = permit in ip from any to y.y.y.y

    NAS-Filter-Rule = deny in ip from any to 10.0.0.0/8

    NAS-Filter-Rule = permit in ip from any to any 



    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------

    Original Message


  • 3.  RE: Aruba CX ACLs with Clearpass

    EMPLOYEE
    Posted 30 days ago

    You may be interested in checking out the Port Access Policy section of the AOS-CX Security guide (example for release 10.12) which offers some ways to obtain policies for authenticated users either locally, via RADIUS attributes, or from a ClearPass Policy Manager server.


    Original Message