Not sure where you got that VLAN enforcement profile from, but the VLAN ID should be in the Tunnel-Private-Group-Id attribute, not in the Egress-VLANID:
For ArubaOS-Switch, you can also return the VLAN as Hewlett-Packard-Enterprise attibute:
Or the HPE-Egress-VLAN-ID if you prefer to return a VLAN number instead of using Named VLANs.
Seems you mixed up the methods, which doesn't work.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Apr 10, 2024 01:44 PM
From: Olivier Bruyat
Subject: Help - AOS-Switch - MacAuth failing to assign VOIP vlan
Hello guys,
i'm having issues with macAuth on a Aruba 2930F (WC.16.11.0016) where the switch fails to assign a VOIP vlan. ClearPass Access tracker shows that the host is using the correct service policy and the enforcement profile is assigning the correct vlan but the VLAN is not assigned on the switch side.
I searched all the docs but I can't find solutions. Thank you for your help.
I get those errors on the log of the switch :
Policy Enforcement on ClearPass
------------------------------
Olivier
------------------------------