EasyManua.ls Logo

Alcatel-Lucent AOS-W 6.5.3.x - Enabling Downloadable Role on a Switch; Sample Configuration

Alcatel-Lucent AOS-W 6.5.3.x
1160 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
403| ClearPass Policy Manager Integration AOS-W 6.5.3.x| User Guide
n An instance name (name of a whitelist role attribute as stated above) is case-sensitive. Attributes must
adhere to the following rules:
l Should not match any CLI option nested under a command from the whitelist.
l Should not contain a number or a combination of numbers.
l Should not contain any periods '.'.
l Should not contain any spaces.
The example below is considered an invalid configuration and will fail ClearPass Policy Manager role
download on a switch:
netservice 'tcp' tcp 443
The first instance of tcp is a user-defined field, while the second is an operator of the netservice
command. This violates the first rule.
netdestination 'alias'
The user-defined name alias is also a valid operator of the netdestination command. This violates the
first rule.
netdestination '10.1.5'
This user-defined name uses both numbers and periods. This violates the second and third rule.
ip access-list stateless '100'
This user-defined name uses numbers. This violates the second rule.
qos-profile emp role
This profile name emp role contains spaces. This violates the fourth rule.
It is recommended that some naming convention similar to the CamelCase (mixture of upper and lower case
letters in a single word) be used to avoid collisions with the CLI options in the role description.
Enabling Downloadable Role on a Switch
You can enable role download using the CLI or WebUI.
Using the WebUI
1. Navigate to the Configuration > Security > Authentication > AAA Profiles.
2. Select an AAA profile.
3. Check the Download Role from CPPM check box to enable role download.
Using the CLI
(host) (config) #aaa profile <profile-name>
(host) (AAA profile) #download-role
Sample Configuration
The following example shows the configuration details to integrate a ClearPass Policy Manager server with a
switch to automatically download roles.
ClearPass Policy Manager Server Configuration
Adding a Device
1. From the Configuration > Network > Devices page, click the Add Device link.
2. On the Device tab, enter the Name, IP or Subnet Address, and RADIUS Shared Secret fields.
Keep the rest of the fields as default.

Table of Contents