Hi
Yes, I have found a solution for this issue. Working with Clearpass I have added a radius attribute in the reply: Avenda-Tag-Id (1) = 0.
So the total response in the profile to allow access and put the port in VLAN 10 for example is:
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-ID = "10"
Avenda-Tag-Id (1) = 0
You can of course add other attributes like timeout etc.
The same answer in a similar thread: https://community.arubainstanton.com/discussion/aruba-instant-on-1960-8021x-radius-clearpass-port-access-control.
If you have any questions, just let me know.
------------------------------
Peter Neyt
------------------------------
Original Message:
Sent: 06-13-2024 06:25 AM
From: dieter.arzt@trigonova.de
Subject: 802.1X Authentication and Dynamic VLAN Assignment with Aruba 1960 switch
Hi, do you have a solution for this topic
------------------------------
Dieter Arzt
Original Message:
Sent: 05-23-2023 12:52 AM
From: PR49
Subject: 802.1X Authentication and Dynamic VLAN Assignment with Aruba 1960 switch
I'm testing with Radius authentication (NPS server + AD) and dynamic VLAN assignment for a wired network. User authentication has so far failed
on my client machine. I double-checked, and the user credentials are correct. My switch's VLAN settings are provided below. Can somebody assist
me if I missed something or if the configurations need to be corrected?
> VLAN
Created VLAN 20 and 30
> VLAN interface configuration
Tagged VLANs: 20,30
Untagged VLAN: 1
> Radius configuration
Enabled "802.1x authentication mode"
Enabled "802.1x accounting mode"
Radius Server IP: 192.168.1.10
Authentication port: 1812
Accounting port: 1813
Server priority: 1
Secret: ########
> Port access control:
Enabled "Admin mode"
> Port configuration (interfaces)
Control mode: Auto
Enabled "VLAN assignment"
PS: This is not a MAC-based authentication.
------------------------------
Pradeep RJ
------------------------------