Associates a client-identity (device fingerprinting) based filter. The role is assigned to a wireless client matching any of the defined client identities.

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000





client-identity <CLIENT-IDENTITY-NAME>

Specifies the client-identity fingerprint to match (should be existing and configured)
  • <CLIENT-IDENTITY-NAME> – Specify the client identity signature name.
Note: Multiple client identities can be configured with a role policy.

User Guidelines

When associating a single or multiple client identities with a role policy, ensure that a client identity group, containing all the client identities used by the role policy, is attached to the device or profile using the role policy. In other words, group all the client identities (used in this role policy) in a client identity group, and associate this group to the profile or device using this role policy.

For more information on configuring client identities and client identity groups, see client-identity and client-identity-group


rfs4000-229D58(config-role-policy-test-user-role-test)#client-identity TestClientIdentity
rfs4000-229D58(config-role-policy-test-user-role-test)#client-identity ClientIdentityWindows
rfs4000-229D58(config-role-policy-test-user-role-test)#show context
 user-role test precedence 1
  client-identity TestClientIdentity
  client-identity ClientIdentityWindows

Related Commands


Removes the client identities associated with this role policy