enable
Enter the manager command context.
mode role-based
Specifies the tunneled node server mode as role based.
mode role-based reserved-vlan
Specifies the VLAN used as tunneled node server reserved VLAN.
Examples
switch(config)# tunneled-node-server controller-ip 15.255.133.148
switch(config)# tunneled-node-server backup-controller-ip 15.255.133.148
switch(config)# tunneled-node-server keepalive 40
tunneled-node-server-redirect
Syntax
tunneled-node-server-redirect [secondary-role
<ROLE-NAME>
]
no tunneled-node-server-redirect [secondary-role
<ROLE-NAME>
]
Description
Configures traffic redirect to user-based tunnel. Secondary role is the new user role that will be applied to the
tunneled traffic by the controller.
The
no
form of this command stops the traffic re-direction to the controller. Secondary role is the new user role
that will be applied to the tunneled traffic by the controller.
Command context
user-role
Parameters
secondary-role <ROLE-NAME>
Specifies the secondary role applied on the user traffic by the controller.
Example
switch(config)# aaa authorization user-role name testrole
switch(user-role)#
tunneled-node-server-redirect
tunneled-node-server
The tunneled-node-server-redirect attribute instructs the switch to redirect all traffic with user-role “testrole” to the
controller. The secondary-role “authenticated” specified with the redirect attribute should be configured and
present on the controller. In versions 16.07 and earlier, the client VLAN on the switch needs to be present on the
Controller. With the Reserved VLAN mode introduced in 16.08, this is not required.
class ipv4 "testclass"
10 match ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
20 match tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit
policy user "testpolicy"
10 class ipv4 "testclass" action permit
626
Aruba 2930F / 2930M Management and Configuration Guide
for ArubaOS-Switch 16.08