Friday, July 30, 2021

802.1x per-user ACL or VLAN steering with Aruba/ClearPass

Hi All,

I have a new client that is all Aruba networking gear. I've determined that all users authenticate to WiFi using 802.1x through a ClearPass controller using AD creds. Currently, all users who connect to WiFi are connecting to the same VLAN with full network access to all networking gear and servers. Most users do not need network access to those devices. The client will not allow a separate SSID to be created at this time (this is possible, but they want to investigate other options first). So, I am looking into some sort of VLAN steering upon authentication, or perhaps a per-user ACL. It appears this may be possible using policies in ClearPass. I have no past Aruba experience, so ClearPass and AirWave are new to me. Most of my experience has been with Cisco and Meraki WiFi products. If someone has a similar situation, it would be helpful to see how you dealt with it, or what options I have with ClearPass.

Thank you


