Occasional Contributor II

NAS Identifier in policy

Hi , I have a Device group contaning 2 switches 


one switch name is abc-industrial-switch  and other is hpe-standard-switch


both the switches have windows machine connected and both the machines are hitting the mac auth service 


i want to return guest vlan to machines from standard switch endpoints and allow access profile to industrial


I can use condition source IP in policy to do it but i have 100 switch in industrial location , so instead of IP i want to use name of NAS identifier in condition but there is no option for NAS name . how to achieve it


I want to use keyword "industrial" in a condition to return allow acces profile 

MVP Guru

Re: NAS Identifier in policy

Under the Network > Device > Attribute Tab you could add a location attribute and use that in your policy decision
Policy :
Device > Location > Industrial > allow access

Thank you

Victor Fabian

Pardon typos sent from Mobile
Thank you

Victor Fabian
Lead Mobility Architect @WEI
Guru Elite

Re: NAS Identifier in policy

You can use RADIUS attributes in role mapping.

| Tim Cappalli | Aruba Security | @timcappalli | |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor II

Re: NAS Identifier in policy

This is wrking . thanks Victor

Search Airheads
Showing results for 
Search instead for 
Did you mean: