Security

Reply
Occasional Contributor II

Guest wireless with CoA to put user in different VLAN

Currently I have a setup where a user can register through the CPPM Captive portal, once completed they are connected to our production network.  the Aruba IAPs are able to identify the role these users were given and ACLs on the IAPs bock them for accessing any RFC1918 addresses allowing them only access to the internet.  A requirement has developed that will now require me to put these guest users into their own vlan entirely.  Is there a document out there that details how I get this done.  I imagine is a CoA changing the VLAN the user is in, I just have not clue where to beging. 

MVP Guru

Re: Guest wireless with CoA to put user in different VLAN

Radius CoA is used to change the role/VLAN/disconnect user who are connected to the network already. If your requirment is to place the new Guest uers in their own VLAN , we can send request in enforcment profile.

 

 

Regards,
Pavan
If my post address your queries, give kudos and accept as solution!
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Guest wireless with CoA to put user in different VLAN

Oh that's good to konw. Are their any guides that might detail how to do that?

MVP Guru

Re: Guest wireless with CoA to put user in different VLAN

Link provide all CPPM-Tech note guides.

 

https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/EntryId/7961/Default.aspx

 

Check for Guest Technote guide from the list of available CPPM-Tech guides

Regards,
Pavan
If my post address your queries, give kudos and accept as solution!
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Guru Elite

Re: Guest wireless with CoA to put user in different VLAN

If you’re changing VLANs, you need to use a Disconnect, not a CoA.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Highlighted
Occasional Contributor II

Re: Guest wireless with CoA to put user in different VLAN

I noticed in the IAP when configuring the Guest Wireless SSID I can configure a VLAN to pass.  Couldn't I just do that since only guest users would be connecting to that?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: