Contributor II

HP/Colubris SSID in Clearpass



I'm having a problem with a mixed network of HP and Aruba access points.  The same SSID is on both (in different buildings) and authenticating to the same clearpass server cluster.


On the Aruba side, I get the Radius:Aruba:Aruba-Essid-Name attribute in the request, and I get a computer attribute of Connection:SSID to match.


On the HP side, the SSID is in Radius:Colubris:Colubris-AVPair attribute as a key-value pair (ssid=xxx), and there is no Connection:SSID computed attribute.


Does anyone know of a way to convince Clearpass to compute the SSID attribute with an HP access point?  Or, can anyone suggest an alternate approach?  My goal is to process the SSID with a single service rule in Clearpass, mainly for statisitics purposes.


If I took out the nas-port-type and service-type matches in the service rule, I could do with with a "match any" rule, but I'm not sure if that's a good idea.


Re: HP/Colubris SSID in Clearpass

Your last sentence is something that could work.  I don't foresee it as causing any other issue especially if the service ordering is correct.  


The best bet is having two services as I can also see that a combined enforcement policy mixing Aruba VSAs with another vendor may be a bit complex. 

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos
Contributor II

Re: HP/Colubris SSID in Clearpass

I thought about that, but I do this now to set the admin role for my Palo Alto and Aruba devices within a single enforcement policy and it seems to work fine.

Search Airheads
Showing results for 
Search instead for 
Did you mean: