Aruba Switch 2930F SNMP Traps Link Status
02-24-2018 05:15 AM - edited 02-24-2018 05:16 AM
I try to integrate Aruba switch with Clearpass on onconnect features
snmp-server enable traps link-change to send status to the clearpass, I can able to insert command "
snmp-server enable traps link-change all ether 14-17
" but it not appear on show runnning that's why clearpass don't get information from the switch
I Would like to know it should be apear on running-config or doesn't ?
This's my version firmware
Aruba-Switch# show ver Image stamp: /ws/swbuildm/rel_ukiah_qaoff/code/build/lvm(swbuildm_rel_ukiah_qaoff_rel_ukiah) Jul 21 2017 14:09:42 WC.16.04.0008 423 Boot Image: Primary Boot ROM Version: WC.16.01.0003 Active Boot ROM: Primary
Re: Aruba Switch 2930F SNMP Traps Link Status
02-26-2018 01:46 AM
I would say yes, if you don't see traps and don't see the commands in the show running, the command is not properly accepted. Did you follow the ClearPass wired policy enforcement solution guide? There is a section on OnConnect there.
Unless you are testing OnConnect to understand it better, for the 2930F switches you are likely better off to implement 802.1X+MAC authentication as described in the same document. I see OnConnect as a fallback scenario only, if you can't configure 802.1X+MAC (or just MACAuth) for some reason. One misconception that I hear sometimes is that OnConnect is better for IoT, which is not true in most cases. MAC Auth is faster and less disruptive for clients as it is pro-active versus re-active for OnConnect.
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).