Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Using Downloadable User Profiles

This thread has been viewed 0 times

  • 1.  Using Downloadable User Profiles

    Posted Dec 14, 2018 07:28 AM

    I'm playing with Downloadable User Profiles and have the following

    class ipv4 "IP-ANY-ANY"
    10 match ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
    exit

    policy user "PERMIT-ALL"
    10 class ipv4 "IP-ANY-ANY" action permit
    exit

    aaa authorization user-role name "roaming_dup”
    policy "PERMIT-ALL"
    reauth-period 3600
    vlan-name "roaming_vlan"
    exit

     

    As per the wired policy enforcement guide document.

    I take it the fact that  I can specify reauth-period ... in the profile and a vlan name means that I can remove those attributes from my npormal Access-Accept packet?  What about attributes such as Accounting interim period? Is ther ea list of profile equivalents to attrbutes you might pass back in an Access-Accept packet?

     



  • 2.  RE: Using Downloadable User Profiles
    Best Answer

    Posted Dec 14, 2018 08:48 AM

    ok read the doc