Got an ArubaOS switch install with downloadable user roles.
Works great except for their AP's which have bridged SSID's. Converting those to tunneled is not an option.
I've been trying to get this working but am so far failing.
I've gotten so far to push a DUR with vlan-id and several vlan-id-tagged but since every WLAN user still gets the second wired auth that doesn't help much.
2930F# sho port-access clients
Downloaded user roles are preceded by *
Port Access Client Status
Port Client Name MAC Address IP Address User Role Type VLAN
----- ------------- ----------------- --------------- ----------------- ----- -------------------------------------------------------
1 14abc5-f7af85 n/a 8021X 151
1 14abc5f7af85 14abc5-f7af85 n/a *dur_logon_unm... MAC 151
1 Access Points 484ae9-cf0620 10.6.50.186 *dur_access_po... MAC 152, 153, 150
2930F# sho vlans ports 1 detail
Status and Counters - VLAN Information - for ports 1
VLAN ID Name | Status Voice Jumbo Mode
------- -------------------- + ---------- ----- ----- --------
150 WIFI_MGMT | Port-based No No Untagged
151 GUEST | Port-based No No Auto
152 INTERNET | Port-based No No Tagged
153 WIFI_DATA | Port-based No No Tagged
I've also tried pushing hpe vsa HPE-Port-MA-Port-Mode (14) and/or HPE-Port-Dot1x-Port-Mode (13) as port-based at the same time but this seems to break the DUR config.
So, is this possible what I am trying to do here?
Or will I have to rip out all the DUR config or change the AP ports to unauthenticated? OR will I have to manually set all the ports with APs to port-based?