Security

 View Only

  • 1.  Clearpass Tunnel-Private-Group-Id with wildcard

    Posted Aug 12, 2020 03:58 AM

    Hi all,

    for wired users we need to return vlan name as radius attribute from clearpass. As we have more buildings under one core switch (CS) we had to use more users vlans, so we have on cs now vlans like Users-A, Users-B,... On edge switch (ES) A we have user vlan Users-A, on ES-B we have Users-B,...

    With radius attribute Tunnel-Private-Group-Id we need to return vlan name for users (we can't use vlan ID as each es has different vlan ID) connected to appropriate es.

     

    Is it possible somehow to return just wildcard of the vlan name? Something like "Tunnel-Private-Group-Id=Users-*". Or is there any other radius attribute or some other way how to achieve this?

    I know that one of the possibility is to keep vlan names on CS and then to change vlan names on ES to just Users for example. But this means for us to reconfigure approximately 40 ESs. 

     

    THX



  • 2.  RE: Clearpass Tunnel-Private-Group-Id with wildcard



  • 3.  RE: Clearpass Tunnel-Private-Group-Id with wildcard

    Posted Aug 12, 2020 03:25 PM

    Hi, thx for recommendations. I like the one with adding network device attribute. Definitely I’ll try that one.

     

    Thx once again.



Related Content