Instant On - Wireless

Hi,

I've recently switched to Aruba 615 running Instant. I wanted to move from PSK to Enterprise - which worked really good. I've since successfully enabled NPS Authentication but I struggle to implement the following:

1 Profile(SSID) with the following settings:
- User authentication using the Windows Credentials (works based on call-in settings or group membership)
- Depending on Group-membership they are role assigned a diffent VLAN (don't know how, I can't seem to reply a group)

Any help?

Thanks in Advance!

------------------------------
Peter Breuer
------------------------------

Hi Peter.

You will need to send this question in Airheads Security forum.


You need to send Aruba Radius attribute Aruba-User-Role in radius response. Also your RADIUS server need to have an Aruba RADIUS dictionary.

Aruba-User-Role is a string, where you provide Aruba Instant Role. In the role you define VLAN and other security attributes. Role is defined on AP under Security / Role.

Best, Gorazd

------------------------------
Gorazd Kikelj
------------------------------

Original Message:
Sent: 01-20-2023 02:37 AM
From: PB44
Subject: Using NPS to determine group for VLAN membership

Hi,

I've recently switched to Aruba 615 running Instant. I wanted to move from PSK to Enterprise - which worked really good. I've since successfully enabled NPS Authentication but I struggle to implement the following:

1 Profile(SSID) with the following settings:
- User authentication using the Windows Credentials (works based on call-in settings or group membership)
- Depending on Group-membership they are role assigned a diffent VLAN (don't know how, I can't seem to reply a group)

Any help?

Thanks in Advance!

------------------------------
Peter Breuer
------------------------------