Upcoming community maintenance Oct. 27th through Oct. 29th
For more info click here
Occasional Contributor I

does Aruba 2920 support a Critical VLAN for DUR

I am in the process of configuring switches for Downloadable User Roles (DUR) we mostly have 5400R and 2920 series. I was in the process of trying to configure a critical vlan (for when CPPM is unreachable) and I noticed that the 2920 does not have that capability or at least the same command does not work. the command I am attempting to use is:  

aaa port-access <PORT-LIST> critical-auth {voice-vlan <VLAN-ID> | data-vlan <VLAN-ID>
 | user-role <ROLE-NAME>}

There is no "critical-auth" option on the 2920; however there is on the 5400 series. Does anyone know if the 2920 supports the critical VLAN feature and if so how do I go about configuring it.


The FW version we are running is 16.10.0007


Thank You 



Re: does Aruba 2920 support a Critical VLAN for DUR

yes it is supported from 16.08 version

its something  like this


aaa authorization user-role name critical-auth-role

vlan-id tagged 10

vlan-id untagged 20


If a reply adequately addresses your issue, please click on the "Accept as Solution"
Occasional Contributor I

Re: does Aruba 2920 support a Critical VLAN for DUR

Thank You. 


Is that a global rule, because I thought I had to configure a port to use the critical role by issuing the "aaa port-access" command after issuing the "aaa authorization user-role". I'm getting this information from here:


They really need to update the Wired Policy Enforcement Guide. the most recent version I can find is from 2018.


I'm working remotely for next few days so I will not be able to test anything until next week.

Search Airheads
Showing results for 
Search instead for 
Did you mean: