Controllerless Networks

last person joined: yesterday 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

assign multiple vlans from clearpass using IAP

This thread has been viewed 3 times

  • 1.  assign multiple vlans from clearpass using IAP

    Posted Feb 11, 2020 04:45 AM

    Dears,

    i need to assign multiple vlans from clearpass on the same SSID according to user credentials on AD using IAP



  • 2.  RE: assign multiple vlans from clearpass using IAP

    Posted Feb 11, 2020 11:45 AM
    Why? You know you'll need to trunk all these VLANs to each IAP right?

    You have a highly configurable role based access system. Unless you have a specific use case that specifies you must use VLAN separation I would assign roles (with appropriate firewall policies if necessary) rather than VLANs.


  • 3.  RE: assign multiple vlans from clearpass using IAP

    Posted Feb 12, 2020 03:37 PM

    As jrwhitehead mentions, I would probably go back to the drawing board for this one. Although it is completely possible if you trunk the VLAN to all the IAPs. 

    Configure profiles using the Aruba-User-Vlan (2) attribute, create a policy matching your user credentials to the desired profiles and match the flow in a service.



  • 4.  RE: assign multiple vlans from clearpass using IAP
    Best Answer

    Posted Feb 19, 2020 06:59 AM
    Make sure you trunk all the necessary VLANs to the IAP and in ClearPass use the Aruba-User-VLAN attribute to return the VLAN as an enforcement profile based a on the AD membership condition

    Sent from Mail for Windows 10


  • 5.  RE: assign multiple vlans from clearpass using IAP

    Posted Feb 25, 2020 09:05 AM

    thank you so much ^_^ it works