Wireless Access

 View Only
last person joined: 3 days ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Expand all | Collapse all

Device Timed Access

This thread has been viewed 6 times
  • 1.  Device Timed Access

    Posted 7 days ago

    Hi, 

    I have a query from a site we have an instant 505 cluster using the virtual controller setup. I have been asked if there's a possibility of blocking access per device. I know there is time access which will disable the whole SSID on set time/date parameters but this won't do as they still want other devices connected to the SSID to work. 

    The authentication is clearpass for this network as it is guest. Maybe an enforcement policy could work here if anyone has any experience as it doesn't look like the virtual controller can do this.

    Thanks in advance!



  • 2.  RE: Device Timed Access

    MVP GURU
    Posted 7 days ago

    If you use the role mapping in clearpass you can allow the devices you would want on after hours with a role like "after-hours-capable". The other devices can get a default role mapping of something like "not-after-hours-capable".

    Then in your enforcement profile, set a condition where it says something along the lines of "if the device is not-after-hours-capable, AND the current time is between 5pm-6am, deny access". 

    For the allow devices something like "if the device is after-hours-capable, AND the current time is between 5pm-6am, allow access



    ------------------------------
    Dustin Burns

    Lead Mobility Engineer @Worldcom Exchange, Inc.

    ACCX 1271| ACMX 509| ACSP | ACDA | MVP Guru 2022-2023
    If my post was useful accept solution and/or give kudos
    ------------------------------