CoA and downloadable user roles
05-13-2019 02:31 AM - edited 05-13-2019 02:35 AM
Please ignore, solution is to do not return the user role but to simply reset the connection and return what you want with the subsequent MAC auth.
Doing a wired setup, all done with downloadable user roles from Clearpass.
Now arrived at the wired guest (captive portal) part.
Using DUR to return the initial logon-role works, but then..
Is it possible to use DUR in a CoA? Is there another way to keep my DUR? Or does my entire single point of user-role config fall apart here?
Koen (ACMX #351 | ACDX #547 | ACCP)
-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Re: CoA and downloadable user roles
05-13-2019 05:17 AM
During the guest logon you will need to assign the post-authentication profile (assign guest-role/mac caching) and also return the ArubaOS switch terminate session (CoA) , which will force the user to reauth (mac authentication) and at that point you can return the final guest-dur
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA