WPA2-PSK SSID with MAC-Auth and DUR
02-18-2019 03:21 PM
I got a problem trying to assign dynamic VLANs to a WPA2-PSK SSID via Clearpass Downloadable User Roles.
To sum up the issue: Device is successfully authenticated via Clearpass MAC Service and DUR is presented to the Controller.
"Show user" shows the correct DUR for my client.
"show rights downloaded-user-roles" show the correct VLAN for the specified DUR.
The client just gets the VLAN that is assigned in the VAP Profile though.
If a return "Aruba-User-VLAN" in addition to the DUR, the assignment is working.
Is there anything missing or is the VLAN assignment via DUR just not working this way?
Appreciate any help on this topic.
With best regards,
Betreff: WPA2-PSK SSID with MAC-Auth and DUR
02-20-2019 12:22 PM
I am using Standard DURs.
That's the DUR currently used
any any any permit
access-list session allowall
Up BW:No Limit Down BW:No Limit
L2TP Pool = default-l2tp-pool
PPTP Pool = default-pptp-pool
Number of users referencing it = 3
Assigned VLAN = 30
Periodic reauthentication: Disabled
DPI Classification: Enabled
Youtube education: Disabled
Web Content Classification: Enabled
IP-Classification Enforcement: Enabled
ACL Number = 90/0
Max Sessions = 65535