Security

Reply
Highlighted
Occasional Contributor II

NAS Identifier in policy

Hi , I have a Device group contaning 2 switches 

 

one switch name is abc-industrial-switch  and other is hpe-standard-switch

 

both the switches have windows machine connected and both the machines are hitting the mac auth service 

 

i want to return guest vlan to machines from standard switch endpoints and allow access profile to industrial

 

I can use condition source IP in policy to do it but i have 100 switch in industrial location , so instead of IP i want to use name of NAS identifier in condition but there is no option for NAS name . how to achieve it

 

I want to use keyword "industrial" in a condition to return allow acces profile 

MVP Guru

Re: NAS Identifier in policy

Under the Network > Device > Attribute Tab you could add a location attribute and use that in your policy decision
Policy :
Device > Location > Industrial > allow access



Thank you

Victor Fabian

Pardon typos sent from Mobile
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Guru Elite

Re: NAS Identifier in policy

You can use RADIUS attributes in role mapping.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: NAS Identifier in policy

This is wrking . thanks Victor

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: