Security

Reply
New Contributor

Clearpass + Aruba IAP WLAN + allow only the specified username + account pairs

Hi, We are building a test device WLAN.

 

It would be great if we could allow only the specified device+username pairs. I mean, if the account is X and device is Y, the connection to the WLAN is allowed. But if the device is something else with the account X, the connection is not allowed.

 

I was thinking that I would create a device with an attribute 'username' and match 'Device:username' to the username provided in RADIUS packets, but I couldn't find a way to do this.

 

Clearpass 6.8 is used here, authentication against AD and Aruba IAPs as Access Points.

 

Any thoughts?

Highlighted
Aruba Employee

Re: Clearpass + Aruba IAP WLAN + allow only the specified username + account pairs

Your enforcment policy should look like this

Screen Shot 2019-10-07 at 4.04.24 PM.png

New Contributor

Re: Clearpass + Aruba IAP WLAN + allow only the specified username + account pairs

Hi,

Oh, didn't know that I can access those as %variables% in the rules.

 

Thanks! I'll give it a try, and it may be just what we need. At least it seems to be suitable in theory. :)

 

-Olli

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: