Updating Client Access Policy

You can update the client access policy to change the following details:

To update client access policy, complete the following steps:

  1. In the Aruba Central app, set the filter to Global.

    The global dashboard is displayed.

  2. Click Security > Authentication & Policy.
  3. Click the Config icon.
  4. Click the icon in the Client Access Policy section.
  5. To update MAC address details in the Allowed MAC Addresses table, do one of the following:
    • Click the icon to upload the CSV Comma-Separated Values. A file format that stores tabular data in the plain text format separated by commas. file in Allowed MAC Addresses table and do the following:

      The CSV file must contain MAC address and the corresponding device-name of the devices that needs to be added.

      1. In Upload CSV file prompt, drag and drop the CSV file, or click browse and navigate to the CSV file on your file system, and then click Open. The file name is displayed and the ADD button is enabled.
      2. Click ADD.
    • To edit a row in the Allowed MAC Addresses table, select the row you want to edit and click the icon, and do the following:

      If you know the MAC address of a client, click on the icon and enter the MAC address with the ":" delimiter to view the corresponding row in the Allowed MAC Addresses table.

      1. In the Add MAC based client prompt, enter the MAC address of the device and the corresponding client name in the MAC Address and Client Name fields, respectively.
      2. Click Save.
    • To create a new row in the User Groups to Client Role Mapping table, click the + icon, and do the following:
      1. On the Add MAC based client prompt, enter the MAC address of the device and the corresponding client name in the MAC Address and Client Name fields.
      2. Click Save.

    Click icon to download all the entries in the Allowed MAC Addresses table onto a CSV file.

  6. To update one or more client-profile tag to client-role mapping, do the following:
    • Select a client tag from the drop-down list under Client Profile Tag.
    • Select the corresponding client role for the user group from the drop-down list under Client Role.

      • Client Role drop-down list displays roles that are created using Configuring User Roles for IAP Clients.
      • If you delete a client role associated with a client access policy, the client access policy will not work as expected.

    • To create a new row, click + icon located at the top-right corner of the Client Profile Tag to Client Role Mapping table and repeat steps a and b.
  7. Click Save.
  8. Click the Client Access Policy accordion to view the updated client access policy.

The following animation shows you how to update the client access policy.