Controllerless Networks

last person joined: yesterday 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

IAP dynamic VLAN assignment from clearpass

This thread has been viewed 12 times

  • 1.  IAP dynamic VLAN assignment from clearpass

    Posted Feb 07, 2017 10:29 AM

    I have an instant cluster and I want to assign a vlan to a client from clear pass.   I am thinking this is done with the dynamic vlan settings.   is there a document that describes the different settings and what clearpass needs to sent to set it?   I just want clare pass to send back a vlan number and put the devices in that vlan.   Also if that vlan is not present in the IAP cluster what happens (say clearpass sends back vlan 10 yet vlan 10 is not at the site, will it go to the default vlan?).

     

    running 6.4.2.6 code.  



  • 2.  RE: IAP dynamic VLAN assignment from clearpass

    EMPLOYEE
    Posted Feb 07, 2017 10:32 AM

    You can return the aruba-user-vlan radius attribute:  http://www.arubanetworks.com/techdocs/Instant_423_WebHelp/InstantWebHelp.htm#UG_files/Roles_and_policies/UnderstandVLAN derivation.htm?Highlight=aruba-user-vlan

     

    If that VLAN does not exist, it will set it to the default VLAN set.



  • 3.  RE: IAP dynamic VLAN assignment from clearpass

    Posted Feb 07, 2017 11:24 AM

    is there a way to see what is being sent from clearpass? on the campus controller I debug authmgr but not sure how/what debug to run on the IAP. The clearpass guy says he is passing the Aruba-User-Vlan . here is what I have configured in the IAP:

     

    Assign Vlan returned as vlaue of Aruba-User-Vlan

    Default VLAN: 190

     

    when I connect up with this setting I look in the controller and show associations and the client has vlan 190 but doesn't get an ip address.   if I just have it set to static he gets and ip in vlan 190 and shows to be in vlan 190.