Security

Upcoming community maintenance Oct. 27th through Oct. 29th
For more info click here
Reply
Highlighted
Occasional Contributor I

does Aruba 2920 support a Critical VLAN for DUR

I am in the process of configuring switches for Downloadable User Roles (DUR) we mostly have 5400R and 2920 series. I was in the process of trying to configure a critical vlan (for when CPPM is unreachable) and I noticed that the 2920 does not have that capability or at least the same command does not work. the command I am attempting to use is:  

aaa port-access <PORT-LIST> critical-auth {voice-vlan <VLAN-ID> | data-vlan <VLAN-ID>
 | user-role <ROLE-NAME>}

There is no "critical-auth" option on the 2920; however there is on the 5400 series. Does anyone know if the 2920 supports the critical VLAN feature and if so how do I go about configuring it.

 

The FW version we are running is 16.10.0007

 

Thank You 

 

Highlighted
MVP

Re: does Aruba 2920 support a Critical VLAN for DUR

yes it is supported from 16.08 version

its something  like this

 

aaa authorization user-role name critical-auth-role

vlan-id tagged 10

vlan-id untagged 20

exit


If a reply adequately addresses your issue, please click on the "Accept as Solution"
Highlighted
Occasional Contributor I

Re: does Aruba 2920 support a Critical VLAN for DUR

Thank You. 

 

Is that a global rule, because I thought I had to configure a port to use the critical role by issuing the "aaa port-access" command after issuing the "aaa authorization user-role". I'm getting this information from here: https://techhub.hpe.com/eginfolib/Aruba/16.08/5200-5488/index.html#GUID-14183A41-52DC-474A-B5CA-D1F02B2DB3E7.html

 

They really need to update the Wired Policy Enforcement Guide. the most recent version I can find is from 2018.

 

I'm working remotely for next few days so I will not be able to test anything until next week.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: