Hi,
I have reached kind of a dead end with this. Having working simple solution 802.1X authentication and FreeRADIUS, simply authentication users defined in RADIUS users file with password. After successful auth default role 'authenticated' is applied.
... but I can't get role deriviation from Aruba VSA Aruba-User-Role. I have configured another role 'authenticated-vsa' on the controller, on RADIUS in 'users' file I have bob Cleartext-Password := "bob123" and Aruba-User-Role := "authenticated-vsa"
As I checked FreeRADIUS configuration, dictrionary.aruba file with definitions is already included. I have also read that there is no need for explicit server derivation rule on the controller to apply VSA attribute.
Anybody can give me a hint?
UPDATE: see FreeRADIUS debug below, it seems radius is sending VSA Aruba-User-Role so the problem is on the controller site. I have tried with or withoud server rules, no change
[eap] EAP Identity
[eap] processing type md5
rlm_eap_md5: Issuing Challenge
++[eap] returns handled
Sending Access-Challenge of id 105 to 172.16.0.254 port 59329
Aruba-User-Role := "authenticated-vsa"
EAP-Message = 0x010300160410b5302d12e3b0bc39b6a55d1963ba5815
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x52e1d8da52e2dc053abe7d46171537b4
[peap] Got tunneled reply code 2
Aruba-User-Role := "authenticated-vsa"
MS-MPPE-Encryption-Policy = 0x00000002
MS-MPPE-Encryption-Types = 0x00000004
MS-MPPE-Send-Key = 0x03fc70495b61ff2bc92d0a920d5bf71e
MS-MPPE-Recv-Key = 0xdfa3cb0c9501b992af40543ccc728b94
EAP-Message = 0x03090004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "bob"
[peap] Got tunneled reply RADIUS code 2
Aruba-User-Role := "authenticated-vsa"
MS-MPPE-Encryption-Policy = 0x00000002
MS-MPPE-Encryption-Types = 0x00000004
MS-MPPE-Send-Key = 0x03fc70495b61ff2bc92d0a920d5bf71e
MS-MPPE-Recv-Key = 0xdfa3cb0c9501b992af40543ccc728b94
EAP-Message = 0x03090004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "bob"
[peap] Tunneled authentication was successful.
[peap] SUCCESS