AAA, NAC, Guest Access & BYOD

Block non browser traffic to CPPM
Q:

How do i block non browser HTTP (S) traffic for my guest devices in logon role



A:

For all guest users by design we allow HTTP(S) access to CPPM in logon role.

 

Whenever the guest device ( a smart phone) associates to network all the apps goes online and send HTTP(S) traffic to CPPM. This traffic mat cause performance issues on CPPM based on the frequency of guests per minute.

 

We can avoid this by adding  is_brower=1  in the Captive Portal redirect URL on the NAD device.

 

So if the URL for Captive portal page on CPPM is  : https://10.17.164.111/guest/guest_register_login.php

we will  edit the URL as : https://10.17.164.111/guest/guest_register_login.php?_browser=1

 

 

This feature was first introduced in 6.4.2 and is available in all the recent releases on CPPM.

Once we add this keyword in the redirect URL, CPPM will allow  traffic initiated from browser and block traffic from apps etc in logon ( or initial role).

 

Version History
Revision #:
2 of 2
Last update:
‎08-25-2015 08:02 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.