Security

 View Only
last person joined: 3 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass and Dell EMC S3100 switches - CoA and radius attribute for tagged VLAN

This thread has been viewed 3 times

  • 1.  ClearPass and Dell EMC S3100 switches - CoA and radius attribute for tagged VLAN

    Posted 9 hours ago

    I'm currently working on integrating a Dell S3100 switch with ClearPass for 802.1X and MAB. I couldn't find a specific template for this switch, so I built the configuration based on available public documentation. However, I'm encountering two issues that I can't seem to resolve:

    1. Change of Authorization (CoA) Not Working: I configured the vendor as Cisco (I also tried IETF), but CoA does not work. Has anyone faced this issue or have any suggestions on the correct vendor settings?

    2. VLAN Configuration Issues:

      • We have a data VLAN that is untagged on VLAN 100.
      • The voice VLAN is tagged on VLAN 200.

      I used the "Tunnel-Private-Group-ID" attribute to set the VLAN value for the untagged data VLAN, but I couldn't find the correct attribute for the tagged VLAN. I tried different options for IETF "Egress-VLANID" and IETF "Egress-VLAN-Name" with no success.

    Does anyone have a template for this switch or know the right vendor name and RADIUS attributes I can use to set both tagged and untagged VLANs as well as enable CoA?

    Any help or guidance would be greatly appreciated!

    Thanks in advance