Wireless Access

Occasional Contributor II

User Roles and Access Switches

Hi Guys


To further my conversation on the Airheads Expert Day  - http://community.arubanetworks.com/t5/Community-Expert-Day-1-17-14/User-Roles-and-Access-Switches/td-p/133461# 


When Users are mapped a role (a set of acls) post their authentication based on their credentials, where does that mapping occur?

Does it occur in the aruba swtich memory, in the aruba switch running config or where on the switch?


I'll appreciate your feedback!




Guru Elite

Re: User Roles and Access Switches

The user-roles and necessary configuration pieces (vlan, ACL, reauth interval) can be stored in the config file or can be downloaded dynamically from ClearPass if downloadable user roles is enabled.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

Re: User Roles and Access Switches


To add on to cappalli's comments, whether the role(s) are statically defined in the switches configuration or dynamically sent down via ClearPass, the ACLs are pushed down into the ASICs of the Mobility Access Switch. You can have multiple devices using different roles on a single port and they will be independent of one another.


Best regards,



Search Airheads
Showing results for 
Search instead for 
Did you mean: