Regular Contributor I

DUR Separate Policy and VLAN

Using CPPM for Downloadable User Roles to 2930 switches. I can call en Enforcement Profile that has a Policy to set ACL and VLAN. Works great.


I would like to create seperate ENF Profiles. One to send Policy and another to send VLAN. Anyone know if this is possible? I have tried with no luck. 


Example for a single authentication (two enforcement profiles called in the same enforcement policy condition)

- Send Allow-All Policy 

- Send VLAN 123 Policy

This would allow a device to connect with full access and be placed on VLAN 123. 


This would be great as I can then just have a single Enforcement Profile for Allow-All and individual Enforcement Profiles for the VLANs. This would then allow me to mix and match different enforcement profiles during a single condition (such as a more restrictive ACL) with the VLAN profiles I already have. 


Today I need to create seperate enf. profiles for each combination 

AMFX #69
Aruba Partner Ambassador
Guru Elite

Re: DUR Separate Policy and VLAN

No. A DUR is one object.

| Tim Cappalli | Aruba Security | @timcappalli | |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Regular Contributor I

Re: DUR Separate Policy and VLAN

Thanks. I figured so but thought I would ask. 

AMFX #69
Aruba Partner Ambassador
Search Airheads
Showing results for 
Search instead for 
Did you mean: