Wireless Access

last person joined: 20 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Dynamic Vlan - RSA radius server

This thread has been viewed 0 times

  • 1.  Dynamic Vlan - RSA radius server

    Posted Feb 05, 2015 11:24 AM

    Hello,

     

    I am trying to configure dynamic vlan assignment on aruba controller 3200 using RSA as authentication / Radius server (8.1)

    I got the authentication part working. But not the vlan assignment , not sure what are the attributes that i need and how to configure both controller and rsa for this setup. 

     

    Has anyone done this before?  All the reference I have found is for AD as the radius server. 

     

    Can someone help?

     



  • 2.  RE: Dynamic Vlan - RSA radius server

    Posted Feb 05, 2015 12:30 PM

    This may not be the answer you're needing, but unfortunately I don't know the RSA product.  Do you know how to setup RSA to return vendor specific attributes?  It may involve setting up a RADIUS dictionary and adding Aruba attributes you want to return.  In this case, you can use the following VSAs to return either a named VLAN or VLAN #:

     

    Named VLAN: Aruba-Named-Vlan

    VLAN #: Aruba-User-Vlan



  • 3.  RE: Dynamic Vlan - RSA radius server

    Posted Feb 05, 2015 12:40 PM
    Like thecompnerd mentioned you can returned Aruba VSA .

    Here's some instructions:
    http://www.arubanetworks.com/techdocs/ArubaOS_63_Web_Help/Content/ArubaFrameStyles/Firewall_Roles/User_Role_Assignments.htm


  • 4.  RE: Dynamic Vlan - RSA radius server

    Posted Feb 26, 2015 04:17 PM

    Appologies for the late reply.

    But we have decided to go with AD authentication and use clearpass as its easy to grab the attributes from AD. And not everyone in our company has rsa tokens. 

     

    I cannot say if above comments are solutions. But kudos for responding!