Is that Downloadable User Role?
Are all of your clients using the same Downloadable User Role?
If it's different, does the VLAN exist on the controller?
Can you share the 'show users' output on the controller/gateway?
Is the role you see there the initial role on the SSID? Or do you understand why the client gets that role?
When the problematic client is authenticated and connected, does 'show log all 200' on the controller give an indication on what could be wrong?
Please note that on controllers, the recommended way is to return role and VLAN in separate attributes. Role based VLANs are deprecated in most cases.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Nov 17, 2022 06:38 AM
From: Alex Sharaz
Subject: client connection not picking up DUP profile
Hi,
I've got a mobility controller running ArubaOS 8.10.0.4 and clearpass running 6.10.7
I've created a WLAN with DUP enabled on it. DUP is a simple "allow all" ACL set and a vlan definition.
14 devices on the WLAN, controller GUI shows 13 of them using my DUP. one of them using the local authenticated profile.
.Whatever I do, it looks as if this single device never uses the DUP. The clearpass end says its sending the profile.
Where do i look for logging to see whats happening?
Rgds
Alex