Security

Reply
Highlighted
New Contributor

difference between downloadable acl and downloadbale User Roles

Hello im searching for a information source about the main differences between downloadable User Roles and dacl. We have a mixed environment with 2530 and 2540 switches. The documantation for clearpass Captive Portal for both switches describes the use of Nas Filter Rules (dacl?).From my understanding the 2540 could also use DUR, wouldn't it be better then? Which possibilties do i miss whith my 2530 switches and dacl only?
regards Niklas

Aruba Employee

Re: difference between downloadable acl and downloadbale User Roles

Downloadable user roles should always be preferred.

 

It gives you more flexibility. A user role can contain QoS, VLAN etc as well wheras the acl only provides rules.

 

 

MVP Guru

Re: difference between downloadable acl and downloadbale User Roles

User roles combine all access attributes for a user in a single object, so it is more flexible than and manageable than separate ACLs.

 

This video series has in the start a nice explanation on the concepts in the first episodes.

 

Also note that you can have local user roles on the 2530. The feature that you won't have versus the 2540 is that you can't download the role content from ClearPass but you can configure it on the switch itself and return the role name from ClearPass.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
New Contributor

Re: difference between downloadable acl and downloadbale User Roles

thank you, this clarifies it for me.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: