Aruba Instant & Cloud Wi-Fi

Reply
Contributor I
Posts: 38
Registered: ‎12-13-2011

Bypass Guest Captive Portal

Hi is it possible to bypass my Guest Captive Portal for user to access webmail websites only, before they have to login through the Captive Portal?

Frequent Contributor II
Posts: 158
Registered: ‎04-13-2009

Re: Bypass Guest Captive Portal

Yes, in your ACL you can allow specific domains. However this can be problematic with modern websites, as for example gmail might require a bunch of google servers or content delivery

 

But you can whitelist mail.google.com and see what happens...

 

basically in your Logon role, add an ACL which allows the external domains you want to allow.

 

_ELiasz

-------------------
ACDX, ACCP, CISSP, CWNA
Frequent Contributor II
Posts: 158
Registered: ‎04-13-2009

Re: Bypass Guest Captive Portal

You did not mention if this is controller of IAP based. If it is IAP you should be able to write a rule for web category 'web mail' which might be easier then whitelisting specific domains.

 

I don't know if the controller has an equivilant category system you could use.

 

_ELiasz

-------------------
ACDX, ACCP, CISSP, CWNA
Contributor I
Posts: 38
Registered: ‎12-13-2011

Re: Bypass Guest Captive Portal

Hi this is using a 3600 controller as the master, should this ACL be set in the pre user role?

I use pre-guest before you authenticate through the captive portal then you use the guest role.

 

I could not see a domain to add in ACL?

 

Thanks

Regular Contributor II
Posts: 223
Registered: ‎10-29-2014

Re: Bypass Guest Captive Portal

[ Edited ]

Hi Foxy_no5,

You have to add your custom policy in Pre-Login role.

Or you can add the same in whitelist under l3 authentication profile.

If you want to add domain in your ACL then you have to add it under


Advanced Services > Stateful Firewall > Destinations > Add Destination

 

image 1.jpg

HTH
Cheers
SumaN
Contributor I
Posts: 38
Registered: ‎12-13-2011

Re: Bypass Guest Captive Portal

Hi

 

Thanks for your help!

I have added the domain ok, but didnt work in the whitelist as still goes to the captive portal?

 

I also tried adding firewall policy to pre-guest role but I am unable to change priority as it just reverts back to the bottom below the captive portal policy so unable to access still?

Regular Contributor II
Posts: 223
Registered: ‎10-29-2014

Re: Bypass Guest Captive Portal

1. for working the domain you need a valid DNS which resolves that.
2. If you are trying to change the priority of policy, make sure you are
clicking on apply button at bottom right corner.
HTH
Cheers
SumaN
Contributor I
Posts: 38
Registered: ‎12-13-2011

Re: Bypass Guest Captive Portal

Hi

 

Yes I have a valid dns and applied my priority change but it goes to the bottom each time?

Contributor I
Posts: 38
Registered: ‎12-13-2011

Re: Bypass Guest Captive Portal

Hi

 

I have added the whitelist again and i can now see it in the top of the firewall policy as list operations!

However it will not allow me to delete old policy, can I do the in command line?

 

Now when I try to browse to hotmail pre captive portal it tries but comes up with sertificate error and reverts back to login?

Guru Elite
Posts: 20,015
Registered: ‎03-29-2007

Re: Bypass Guest Captive Portal

Please show us your entire policy.

 

 

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Search Airheads
Showing results for 
Search instead for 
Did you mean: