Hi,
You can make Clearpass push a dACL to a Cisco switch. There is a predefined template for it in the Enforcement Profile:
https://www.arubanetworks.com/techdocs/ClearPass/Aruba_DeployGd_HTML/Content/Cisco%20Switch/DACL_setup.htm
So you should be able to have a pre auth ACL on the switchport and then the dACL should overwrite it after authentication.
I have not tried this myself and dont have time untill the weekend to try this in my lab, but in theory it should work.
Regards
Philip
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.