Kimiko,
Yes for the first question.
Aruba requires you to use Profile in the Aruba configuration, you will
need to create roles, they do not have to be the same names as in PF,
you make the link between roles in PF and roles in Aruba in your
switches configuration in PacketFence.
If you use the automatically register, after being authenticate in dot1x
devices should go to their production vlan.
Check out the network configuration guide
https://packetfence.org/doc/PacketFence_Network_Devices_Configuration_Guide.html#_aruba
You should find the information about how to configure the Aruba.
Thanks
On 09/08/2017 10:26 AM, Kimiko_Yan wrote:
Hi Antoine,
Do you mean the "Automatically register devices" check in my
"radius_auth" connection profile ?
I read the explanation besides and maybe you are right, I'll try it in
my PoC environment later.
But there is another question: even if pf set my device to
registration role, why Aruba AC assigned my with normal VLAN's IP ? I
thought registration role should have registration vlan's IP (ip in
192.168.2.0/24)
I'm not sure if my Aruba AC was wrongly configured. I checked a little
but not found any role named "registration" or "employees" in Aruba
AC. The Aruba configuration is too complicated... I have to check with
our network engineer with that.
--
Antoine Amacher
[email protected] :: www.inverse.ca
+1.514.447.4918 x130 :: +1 (866) 353-6153 x130
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
