Attributes from switch in tunneled node
11-28-2017 05:20 AM
Running 2930F 16.02 in PerPortTunneledNode to 8.1 (soon 8.2) controllers with .1x machine authentication in Clearpass 6.6.8.
The CPPM is to assign a VLAN to the computers. The problem is that we have to assign a different VLAN based on which switch (site) the computer is connected to.
But the only data from the swtiches that Clearpass picks up is Aruba-Port-ID containing its IP and MAC, and we have the same management-vlan for all the switches. I don't want to configure one role assigment rule per switch.
Is there a way to configure a RADIUS attribute (VSA) in the switches that Clearpass can make rules on? So all switches on site A sends attribute X that Clearpass can make rules on.
Wireless network engineer consultant| @phivil | ACMP ACCP ACDX #759