Security

Hi Friends,
Greetings
We are having aruba 500 Series cluster in our campus in three clusters (Two are for college and one for Hostel Campus). Controller less. No CPPM. We are using FreeRADIUS with Google Secure LDAP. (EAP-TTLS-PAP). VC not supporting the Secure LDAP as authentication server….

I configured the Dynamic vlan assignment in the FreeRADIUS by using the industry standards. I am tried to configure the same type dynamic vlan assignment in the Virtual Controller to the users based on their LDAP Groups.

Is it possible to configure the dynamic vlan assignment in the VC?

Similarly we need to implement the following restrictions based on the LDAP group
Maximum connection per LDAP Group. That means the all users in that group can make 1 or 2 connections concurrently with their credentials
Download and upload limit per day
Bandwidth limit per user group
Timings 
Can anyone guide me?
Thanks in advance...

------------------------------
THIRUNAVUKKARASU P
------------------------------

The easiest way would be to import Aruba RADIUS dictionary into FreeRADIUS and use Aruba specific atributes. You can get dictionary on github link https://github.com/redBorder/freeradius/blob/master/share/dictionary.aruba

Best, Gorazd

------------------------------
Gorazd Kikelj
------------------------------

Hi 
Thanks for the reply
https://github.com/FreeRADIUS/freeradius-server/blob/master/share/dictionary/radius/dictionary.aruba
This dictionary imported already in the FreeRADIUS server.
But I am struggling to configure our needs with Aruba VC 
If you can plz share me the links regarding this..
Thanks in advance...

------------------------------
THIRUNAVUKKARASU P
------------------------------

Original Message:
Sent: Oct 29, 2021 04:07 AM
From: Gorazd Kikelj
Subject: Dynamic vlan and bandwidth - traffic shaping

The easiest way would be to import Aruba RADIUS dictionary into FreeRADIUS and use Aruba specific atributes. You can get dictionary on github link https://github.com/redBorder/freeradius/blob/master/share/dictionary.aruba

Best, Gorazd

------------------------------
Gorazd Kikelj
------------------------------

Hi THIRUNAVUKKARASU.

You should configure user roles on Instant. There you can define vlans, bandwidth, access control, schedule when rule is valid.

Not all your requirements can be configured on user role, radius server will need to provide attribute with session duration.



------------------------------
Gorazd Kikelj
------------------------------

Original Message:
Sent: Oct 30, 2021 04:04 AM
From: THIRUNAVUKKARASU P
Subject: Dynamic vlan and bandwidth - traffic shaping

Hi 
Thanks for the reply
https://github.com/FreeRADIUS/freeradius-server/blob/master/share/dictionary/radius/dictionary.aruba
This dictionary imported already in the FreeRADIUS server.
But I am struggling to configure our needs with Aruba VC 
If you can plz share me the links regarding this..
Thanks in advance...

------------------------------
THIRUNAVUKKARASU P
------------------------------


Original Message:
Sent: Oct 29, 2021 04:07 AM
From: Gorazd Kikelj
Subject: Dynamic vlan and bandwidth - traffic shaping

The easiest way would be to import Aruba RADIUS dictionary into FreeRADIUS and use Aruba specific atributes. You can get dictionary on github link https://github.com/redBorder/freeradius/blob/master/share/dictionary.aruba

Best, Gorazd

------------------------------
Gorazd Kikelj