Using Downloadable User Roles with PUTN

This feature extends download ability of user roles to controller. Supported platforms: 3810, 5400R, 2930F and 2930M.

  • There are two roles required when using Downloadable User Roles with PUTN:

    Primary user role: Configured on switch

    Secondary user role: Configured on controller

  • Aruba network switches support Downloadable User Roles for primary roles present in the switch. Secondary roles present in the controller are manually configured on the controller.

NOTE:

This feature is only available for:

  • CPPM Version 6.7.0 onward

  • Aruba Controller Version 8.3.0 onward

    • To support Downloadable User Roles on controller, a new VSA (HP-CPPM-Seconday-Role) is introduced in CPPM 6.7.0, which contains the secondary user role name:

CPPM Sample Configuration

aaa authorization user-role name "<role-name>" 
vlan-id <vlan id> tunneled-node-server-redirect VSA