Security

Reply
Contributor II

MC: Downloadable Role Issues

Hello, Airheads,

 

I currently have the problem that my Aruba Mobility Controller refuses to download a role from ClearPass.

 

The corresponding ClearPass user is stored in the RADIUS Server Settings of the MC

 

I also set the checkbox "Download Role from CPPM" in the default profile.

 

In the log I have the message:
Nov 8 12:51:35 :199802: <4792> <ERRS> |authmgr| message.c, tunneled_user_do_role_and_vlan_derivation:12850: User (b8:27:eb:6f:5c:27) unknown default role "TN-DUR-CL1-auth" provided
Nov 8 12:51:35 :199802: <4792> <ERRS> |authmgr| message.c, auth_handle_tunneled_user_add:12684: handle station failed: Mac: b8:27:eb:6f:5c:27


If I use a locally available role, of course it works.
Does anyone have an idea? Forget something ?

 

#ACMP #ACSP # ACCP
Contributor II

Re: MC: Downloadable Role Issues

Anybody ? :)

#ACMP #ACSP # ACCP
Contributor I

Re: MC: Downloadable Role Issues

Did you resolve this? We are seeing the same issue.

Contributor II

Re: MC: Downloadable Role Issues

Hello,

unfortunately not yet.


I talked to Herman Robers about it at an Airheads event, we couldn't solve it together.

 

Thanks again to Herman for the support :)

 

We also tested the VSA "HPE-CPPM-Secondary-Role", this VSA also works, but the controller still doesn't make any effort to download the role.

 

But he also told me that the approach is unusual, because the configuration of the roles via Mobility Master is easier than in Clearpass.

 

My approach to this project, however, is to configure EVERYTHING centrally in Clearpass, so that's where it all comes from.

 

Unfortunately, I haven't had time to open a ticket yet.


So far I configure the Secondary Role locally on the controllers.

Regards

 

#ACMP #ACSP # ACCP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: