Controllerless Networks

Reply
Highlighted
Regular Contributor I

Dynamic ACL Roles via Radius / FreeRadius , Instant AP ?

Hi

 

customer inquiry , dynamic ACL role when authenticating via radius, anyone built this already, e.g. with Instant APs ?  customer would like to modify acl's on Radius server, not on Aruba Instant or Controller , 

 

Talked with some SE's they pointed to Radius VSA , but dont have further details, need some binary answer "yes this is working properly" . 

 

thanks

ben

Guru Elite

Re: Dynamic ACL Roles via Radius / FreeRadius , Instant AP ?

Downloadable roles/ACLs are currently only available in controllers.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Regular Contributor I

Re: Dynamic ACL Roles via Radius / FreeRadius , Instant AP ?

sounds good, you ever built this , or is there some homebrew or some basic step by step information what/where to config , e.g. if doing a PoC for customer and let him test the aruba solution with controller/AP based.

 

any homebrew documentation avail ?

 

 

Occasional Contributor I

Re: Dynamic ACL Roles via Radius / FreeRadius , Instant AP ?

Hi!

 

But what about preconfigured roles on Instant? Can I send role name in ACCEPT message from the Radius and get it applied on the access point?

Guru Elite

Re: Dynamic ACL Roles via Radius / FreeRadius , Instant AP ?

You need to import the Aruba radius dictionary and use the Aruba-User-Role VSA to send the value. 

You can also use filter-ID but then you have to map everything on the VC. 


Thanks, 
Tim

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: