Wireless Access

last person joined: 14 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Forcing change of user role for the clients that are yet to acquire an IP address

This thread has been viewed 1 times

  • 1.  Forcing change of user role for the clients that are yet to acquire an IP address

    Posted Apr 20, 2017 05:24 AM

    Hi All,

     

    I have an open SSID with mac-authentication. The initial role for users failing mac authentication is 'deny all'.

    There are few mac in 'deny all', that I had later allowed in mac-auth list (local-db) with initial role as "authenticated".

     

    Now the problem is to have this users change role to authenticated. How can I enforce it to change role?

     

    Enforcing change in user roles for clients that have acquired an IP is possible through "aaa user delete <ip address>" but how about enforcing change in user roles for client that have  not yet acquired an IP and in denyall state?