05-18-2016 12:26 AM
Somewhat of a newbie with CPPM. Bare with me.. and thanks for the impending help...
I have an IAP, RADIUS backhauled to CPPM.
I have built a local user db on CPPM, where I have added an 'Attribute' of 'Designation' to specify a string that is used to provide 'VLAN Enforcement' on.
I'm after some coaching on relevant Enforcement Profile and Enforcement Policy setup to be able to hook on this 'Designation' attribute to enforce the Vlan the attribute dictates.
Then, the authentication flow is when someone enters the challenge corresponding to userid/password, they authenticate and get pinned to the appropriate vlan.
For the Enforcement Profile, I presume i'm picking a radius type of 'Aruba' or 'IETF' and what attribute ?
For the Enforcement Policy, this seems confusing.. when creating a rule, the only 'Name' option I have when specifying an Authorization Type of 'Local User Repository' is 'Enabled' and 'Role_Name'. I can't hook on the 'Designation' ?
Open for suggestions from the community.
It looks like if only 'Role' is hookable then I need to create a 1:1 listing for new role's based on number of vlans I have ?
Solved! Go to Solution.
05-18-2016 06:04 AM
| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |