Configuring Downloadable User Role on AOS-S Switches

Aruba Central allows you to enable Downloadable User Role and configure ClearPass ClearPass is an access management system for creating and enforcing policies across a network to all devices and applications. The ClearPass integrated platform includes applications such as Policy Manager, Guest, Onboard, OnGuard, Insight, Profile, QuickConnect, and so on. settings to download user-roles, policy, and class from the ClearPass Policy Manager ClearPass Policy Manager is a baseline platform for policy management, AAA, profiling, network access control, and reporting. With ClearPass Policy Manager, the network administrators can configure and manage secure network access that accommodates requirements across multiple locations and multivendor networks, regardless of device ownership and connection method. server.

Downloadable User Role configuration is not supported on Aruba 2530 Switch Series.

To enable Downloadable User Role and configure ClearPass server settings, complete the following steps:

  1. In the Aruba Central app, select one of the following options:
    • To select a switch group in the filter:
      1. Set the filter to a group containing at least one switch.

        The dashboard context for the group is displayed.

      2. Under Manage, click Devices > Switches.
      3. Click the AOS-S or Config icon to view the switch configuration dashboard.
    • To select a switch in the filter:
      1. Set the filter to Global or a group containing at least one switch.
      2. Under Manage, click Devices > Switches.

        A list of switches is displayed in the List view.

      3. Click a switch under Device Name.

        The dashboard context for the switch is displayed.

      4. Under Manage, click Device.

        The tabs to configure the switch is displayed.

  2. Click Security > Downloadable User Role. The Downloadable User Role page is displayed.
  3. Slide the Downloadable User Role toggle switch to on position to allow switch to download user-roles.

    To enable downloadable user role, ClearPass server must be configured in the RADIUS page.The Downloadable User Role toggle is disabled if ClearPass server is not enabled for any of the RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  settings. For more information, see Configuring RADIUS Server Settings on AOS-S Switches.

  4. Configure the following ClearPass Settings:

    Table 1: ClearPass Settings



    User Name

    Enter the ClearPass Policy Manager administrator username.


    Enter the password to access ClearPass server.

    Confirm Password

    Retype the password.

    Retry Interval

    Specify the retry interval to download TA certificate. This certificate is used to authenticate ClearPass server before downloading the user-role.

    Range: 0-5.

  5. Click Save Settings.