thats the way to do it, also remember to use Endpoints: Conflict flag which indicates a change in the device category, in your enforcement policy.
------------------------------
Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
------------------------------
Original Message:
Sent: May 03, 2022 07:13 PM
From: Jason Tucker
Subject: How Clearpass sets up authentication based on device type
We set up a role for our avaya voip phones. Then we created a role mapping (Authorization:[Endpoints Repository]:MAC Vendor EQUALS Avaya Inc). Then we created a wired mac auth policy that allowed the avaya voip phone and applied the "allow access" profile when a phone was plugged in.
This should give you a start
------------------------------
Jason Tucker
Original Message:
Sent: Apr 28, 2022 11:14 PM
From: Hevin Huo
Subject: How Clearpass sets up authentication based on device type
Our company was recently preparing to deploy the Clearpass and is now in trouble. Since there are many devices like Avaya phone that cannot be 802.1x certified, and establishing MAB certification is a huge challenge for us. And we cannot confirm which port it conected, So we can't cancel the configuration of authentication on the switch interface. How do I set up admission based on the type of device? Its purpose is to authenticate devices like Avaya phones that cannot perform 802.1x.
------------------------------
Hevin Huo
------------------------------