Security

Hello,  I have an 802.1x TLS secured network with clients coming from both Aruba and Cisco campus AP's.  In CPPM, I have the following service:

With the below service, all have to match in order to use it, but because clients are authenticating from both Cisco and Aruba, the only way it works is to turn off service rule 3.   Is there a field that gets passed from both Cisco and Aruba that can be used to identify the SSID or something else to define the service a bit more than leaving it without the third ruleset.

I'm not really understanding what you're trying to do.

You should have 1 service for Aruba and 1 service for Cisco. Aruba will send the SSID using an Aruba VSA as Aruba-Essid-Name (as you have defined already). Cisco will send the SSID number using an Airespace VSA as the Airespace-Wlan-Id.

Ah, okay.  I was trying to collapse it into one service.  Do I have to enable specific vendor attributes to see Airespace or is that enabled by default.

thanks.

You should always use separate services for different vendors as the responses will be very different. You can reuse the role map for both services though which should make things much easier.

The Airespace dictionary is disabled by default. You can enable it under Administration > Dictionaries > RADIUS