Using Advanced Expressions In Role And Vlan Derivation Rules - Aruba IAP-335 User Manual

ends-with—The rule is applied only if the attribute value ends with the string specified in Operand.
l
5. Enter the string to match the attribute in the String text box.
6. Select the appropriate VLAN ID from the VLAN drop-down list.
7. Click OK.
8. Ensure that the required security and access parameters are configured.
9. Click Finish to apply the changes.
In the CLI
To create a VLAN assignment rule for a WLAN SSID:
(Instant AP)(config)# wlan ssid-profile <name>
(Instant AP)(SSID Profile <name>)# set-vlan <attribute>{equals|not-equals|starts-with|ends-
with|contains}<operator><VLAN-ID>|value-of}
(Instant AP)(SSID Profile <name>)# end
(Instant AP)# commit apply
To configure a VLAN assignment rule for a wired profile:
(Instant AP)(config)# wired-port-profile <nname>
(Instant AP)(wired ap profile <name>)# set-vlan <attribute>{equals|not-equals|starts-
with|ends-with|contains}<operator><VLAN-ID>|value-of}
(Instant AP)(wired ap profile <name>)# end
(Instant AP)# commit apply
Example
(Instant AP)(config)# wlan ssid-profile Profile1
(Instant AP)(SSID Profile "Profile1")# set-vlan mac-address-and-dhcp-options matches-regular-
expression ..link 100
(Instant AP)(SSID Profile "Profile1")# end
(Instant AP)# commit apply

Using Advanced Expressions in Role and VLAN Derivation Rules

For complex policies of role and VLAN derivation using device DHCP fingerprints, you can use a regular
expression to match with the combined string of the MAC address and the DHCP options. The combined string
is formed by concatenating the hexadecimal presentation of the MAC address and all of the DHCP options sent
by a particular device. The regular expression is a powerful pattern description language that can be used to
perform advanced pattern matching of the above string.
If the combined device fingerprint string matches the specified regular expression, the role or VLAN can be set
to the WLAN client.
The following table lists some of the most commonly used regular expressions, which can be used in user role
and user VLAN derivation rules:
Table 42: Regular Expressions
207 | Roles and Policies Aruba Instant 6.5.0.0-4.3.0.0 | User Guide