Aruba Instant & Cloud Wi-Fi

Reply
Contributor II
Posts: 51
Registered: ‎03-21-2013

Using Aruba Controller Captive Portal as a Aruba Instant External Captive Portal

So, question is. Is there any way of using Aruba Controller Captive Portal as Aruba Instant External Captive Portal?.

 

Thank you in advance

MVP
Posts: 1,399
Registered: ‎10-25-2011

Re: Using Aruba Controller Captive Portal as a Aruba Instant External Captive Portal

Here you go.

http://www.arubanetworks.com/techdocs/InstantMobile/Advanced/Content/External%20Captive%20Portal.htm

 

This should get your started..

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Contributor II
Posts: 51
Registered: ‎03-21-2013

Re: Using Aruba Controller Captive Portal as a Aruba Instant External Captive Portal

Hi

 

Reading the documentation and doing some test y just realized that what i'm trying is not possible.

 

Thanks for your help

 

 

MVP
Posts: 1,399
Registered: ‎10-25-2011

Re: Using Aruba Controller Captive Portal as a Aruba Instant External Captive Portal

What are you trying to accomplish??
Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Contributor II
Posts: 51
Registered: ‎03-21-2013

Re: Using Aruba Controller Captive Portal as a Aruba Instant External Captive Portal

This is the situation.

 

I have a client with an Aruba controller 620 in his main office. They have two WLAN in that controller, for employees and for guest users. We are using a customized captive portal uploaded to the controller for guest users.

 

This client have several remote office, connect by VPN, and they want to use Aruba Instant in those offices. (they don't use RAP's for two thing; save money in Aruba Controller licenses, and Aruba controller model 620 have reach maximum AP+RAP capacity).

 

So, in this deployment, for employees we will configure an employee WLAN with internal user authentication. No problem with that.

 

Main problem is guest network, because Aruba Instant Internal captive portal is not customizable (and, for be honest, ugly as hell).

 

I have been trying using VPN connection between Instant and Aruba controller, adding route 0.0.0.0 0.0.0.0 to Aruba Controller, and using guest access rol for IAP VPN but is not working (I read somewhere that this is not possible with Aruba Controller 620 because a lack of memory).

 

Next thing i tried is what i opened the post for:  use Aruba controler as Aruba Instant external captive portal, but it doesn't work..

 

So, at this point, I don't know what to do... :

 

MVP
Posts: 1,399
Registered: ‎10-25-2011

Re: Using Aruba Controller Captive Portal as a Aruba Instant External Captive Portal

Don't want to sound like a salesman but Clearpass would definitely help you in this matter.

 

We doing something similar here as well but we are providing an external captive portal using XML-API.

IAP makes a VPN to controller, we push the portal to the controller which pushes it through the VPN to the IAP for the users.

 

I have not tested IAP to VPN Controller and hosting captive portal on VPN controller, in this case your 620.

 

I am quite sure that the IAP's require I believe a controller with 6.2+ AOS in order to terminate VPN, therefore your 620 is not capable of doing this since it does not supprot 6.2.

Pasquale Monardo | Senior Network Solutions Consultant
ACDX #420 | ACMP
[If you found my post helpful, please give kudos!]
Contributor II
Posts: 56
Registered: ‎04-22-2009

Re: Using Aruba Controller Captive Portal as a Aruba Instant External Captive Portal

Yes, it's possible.

 

Create an Open ESSID on the Instant Cluster that places the users on a VLAN that can only egress (the user's L3 gateway) via an Untrusted port on an Aruba Controller, then assign a wired AAA policy to the port on the controller that requires captive portal.

 

We do this all the time for wired users in various environments or with autonomous or other vendors WLANs.    

 

 

MVP
Posts: 138
Registered: ‎07-12-2012

Re: Using Aruba Controller Captive Portal as a Aruba Instant External Captive Portal

It is a nice solution but you have to keep in mind : 

              - user limit on a 620 is 256.

              - TS'ing will be a lot harder if you don't understand the datapath and the points where you will be gathering the information.

 

I would suggest spinig up a VM with Apache and replicate the portal that you have on Aruba on an external server.

 


billcarrjr wrote:

Yes, it's possible.

 

Create an Open ESSID on the Instant Cluster that places the users on a VLAN that can only egress (the user's L3 gateway) via an Untrusted port on an Aruba Controller, then assign a wired AAA policy to the port on the controller that requires captive portal.

 

We do this all the time for wired users in various environments or with autonomous or other vendors WLANs.    

 

 


 

If you found my post helpful, please give kudos!
Search Airheads
Showing results for 
Search instead for 
Did you mean: