User-Based Tunneling; User Authentication Workflow - HP Aruba JL253A Management And Configuration Manual

For arubaos-switch 16.08

 ingress-bandwidth   : 100%
 egress-bandwidth    : 100%
 cos                 : 0
 speed-duplex        : auto
 poe-max-power       : Class/LLDP
 poe-priority        : critical
 allow-jumbo-frames  : Disabled
 allow-tunneled-node : Disabled

Device Profile Configuration

 Configuration for device-profile : test
 untagged-vlan       : 1
 tagged-vlan         : None
 ingress-bandwidth   : 100%
 egress-bandwidth    : 100%
 cos                 : None
 speed-duplex        : auto
 poe-max-power       : Class/LLDP
 poe-priority        : critical
 allow-jumbo-frames  : Disabled
 allow-tunneled-node : Disabled

User-Based Tunneling

User-Based Tunneling gives Aruba switches the ability to tunnel specific client traffic to an Aruba controller.
Once User-Based Tunneling is enabled, the Aruba controller provides centralized security policy, authentication,
and access control. The decision to tunnel client traffic is based on the user role. User roles redirect traffic to an
Aruba controller when the tunnel status is up. When the user role authorizations supplied by the authentication
subsystem include a secondary role, the User-Based Tunnel is notified and is given that secondary role.
Communication between a User-Based Tunneling switch and ClearPass is supported only over IPv4.
User-Based Tunneling, combined with ClearPass/LMA policies, is used to indicate whether a client's traffic should be
tunneled to the controller.

User Authentication Workflow

The user authentication workflow for User-Based Tunneling consists of the following steps:
1. Authenticate user
2. Apply user role to authenticated user
3. Redirect user traffic to controller
4. Apply secondary user role to user traffic on controller
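
The four workflow steps above map onto switch configuration roughly as follows. This is an added example, not taken from the guide: the controller address 192.0.2.10, VLAN 100 and the role names TUNNELED-EMPLOYEE and authenticated are assumed placeholders. It also assumes that port authentication against ClearPass is already configured and that a role named authenticated is defined on the controller.

```text
; Added example (not from the guide). The address, VLAN and role names
; below are placeholders chosen for illustration.

; Tunnel endpoint: the Aruba controller that receives redirected client traffic
tunneled-node-server
   controller-ip 192.0.2.10
   mode role-based
   enable
   exit

; Steps 1-2: once a user authenticates, a user role is applied to the session
aaa authorization user-role enable
aaa authorization user-role name "TUNNELED-EMPLOYEE"
   vlan-id 100
   ; Steps 3-4: redirect this role's traffic to the controller, which
   ; applies the secondary role "authenticated" to that traffic
   tunneled-node-server-redirect secondary-role "authenticated"
   exit

; Checks: the tunnel status must be up before a role redirects traffic
show tunneled-node-server state
show tunneled-node-users all
show port-access clients
```

Because a role redirects traffic only when the tunnel status is up, confirm the tunnel state and the list of tunneled users before relying on the controller's centralized policy for a given client.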
Aruba 2930F / 2930M Management and Configuration Guide
for ArubaOS-Switch 16.08
