Profile example
Assume that you are running a network at a University. You have Students and Faculty that must be allowed on the network. Due to the volume of traffic you determine that you will have four VLANs. This division of network users requires a mechanism for matching them to the appropriate VLANs. To accomplish this task you must do the following:
- Determine how you are going to divide your network users into four groups. In this case you decide that you will break up users as follows:
- Students that connect to devices in Dorm A
- Students that connect to devices in Dorm B
- Faculty running Windows
- Faculty running macOS
- Make sure that Students are in a group labeled Students and Faculty are in a group labeled Faculty.
- Make sure that you have two device groups, one for devices in Dorm A and another for devices in Dorm B.
- Based on the divisions you have selected, you must create four user/host profiles. You need one Profile for each combination of data that defines a set of users, such as Students that connect to devices in Dorm A.
- Create four network access configurations to configure the VLANs for your four groups of users.
- Create four network access policies to map the four user/host profiles to the appropriate VLANs.
User/host profiles
Create four user/host profiles that have the following settings:
Name |
Where (Location) |
Who/What by Group |
Who/What by Attribute |
Time |
---|---|---|---|---|
Students Dorm A |
Device Group = Dorm A Devices |
User Group = Students |
None |
Always |
Students Dorm B |
Device Group = Dorm B Devices |
User Group = Students |
None |
Always |
Faculty |
Any |
User Group = Faculty |
Host OS = Windows |
Always |
Faculty |
Any |
User Group = Faculty |
Host OS = macOS |
Always |
Network access configurations
Create a network access configuration for each of the four VLANs that you wish to assign. For this example we will create configurations for VLANS 10, 20, 30 and 40.
Name |
Access Value |
---|---|
Students Dorm A VLAN |
10 |
Students Dorm B VLAN |
20 |
Faculty Windows VLAN |
30 |
Faculty macOS VLAN |
40 |
Network access policies
Now you must map the user/host profiles to the network access configurations you created. That will tie the different types of users to the appropriate VLAN. Create four network access policies that contain the following data:
Name |
User/host profile |
Network access configuration |
---|---|---|
Students Connecting in Dorm A |
Students Dorm A |
Students Dorm A VLAN |
Students Connecting in Dorm B |
Students Dorm B |
Students Dorm B VLAN |
Faculty running Windows |
Faculty Windows |
Faculty Windows VLAN |
Faculty running macOS |
Faculty macOS |
Faculty macOS VLAN |