Security

Reply
Frequent Contributor II

Clearpass Guest VLAN Enforcement sticking Issue?

I'm faceing strange isssue with clearpass guest, I have configured some roles for useres and Enforcment Policy now I have configured VLAN 10 to be in initial role tsate before authentication,now I added Enforment of VLAN to be done based on user role the thing is the user is stucked in VLAN10 and did not enforced to the new VLAn and on access tracker it showes that the Enforment is applied all CoA is configured from both sideds Controller and Clearpass and all is Good except this issue now how to make user change the VLAN after autthentication.

Guru Elite

Re: Clearpass Guest VLAN Enforcement sticking Issue?

Let me just say that it is almost impossible to get a user to switch vlans in a captive portal. With that being said, please show us screenshots of the enforcement policy you are using.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Guru Elite

Re: Clearpass Guest VLAN Enforcement sticking Issue?

You should keep them in the same VLAN and change the user-role with different firewall policies attached. Many clients will not re-DHCP after a CoA.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor II

Re: Clearpass Guest VLAN Enforcement sticking Issue?

So you all say it is ok for VLAN to be same and only change role

Guru Elite

Re: Clearpass Guest VLAN Enforcement sticking Issue?

That is the only way that it is done, really.  Alot of clients do not switch ip addresses to the new subnet and that creates problems when you try to change vlans after authentication.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: