02-18-2010 01:00 PM
02-18-2010 01:22 PM
02-18-2010 09:17 PM
If you're plugged into a wired port and are getting the captive portal, then somewhere you have an untrusted port or interface and you're being put into the logon role.
Care to share your interface configs here?
02-18-2010 09:30 PM
GE 1/2 is up, line protocol is up
Hardware is Gigabit Ethernet, address is 00:0B:86:61:2E:B7 (bia 00:0B:86:61:2E:B7)
Description: GE1/2 (RJ45 Connector)
Encapsulation ARPA, loopback not set
Configured: Duplex ( AUTO ), speed ( AUTO )
Negotiated: Duplex (Full), speed (100 Mbps)
MTU 1500 bytes, BW is 100 Mbit
Last clearing of "show interface" counters 0 day 8 hr 53 min 13 sec
link status last changed 0 day 8 hr 51 min 18 sec
39614 packets input, 1902469 bytes
Received 15523 broadcasts, 0 runts, 0 giants, 0 throttles
0 input error bytes, 0 CRC, 0 frame
15059 multicast, 24091 unicast
20300 packets output, 1306778 bytes
0 output errors bytes, 0 deferred
0 collisions, 0 late collisions, 0 throttles
This port is TRUSTED
(Aruba3200) (config) #show interface gigabitethernet 1/2 switchport
Administrative mode: static access
Operational mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Access Mode VLAN: 32 (VLAN0032)
Trunking Native Mode VLAN: 1 (Default)
Trunking Vlans Enabled: NONE
Trunking Vlans Active: NONE
(Aruba3200) (config) #show interface tunnel 51
Tunnel 51 is up line protocol is up
Description: Tunnel Interface
Source 1x.5.20.4 (Loopback)
Tunnel mtu is set to 1500
Tunnel is a Layer2 GRE TUNNEL
Tunnel is Trusted
Inter Tunnel Flooding is enabled
Tunnel keepalive is enabled
Tunnel keepalive interval is 10 seconds, retries 3
Heartbeats sent 0, Heartbeats lost 0
Tunnel is down 0 times
tunnel vlan 32
02-18-2010 09:37 PM
But, are the vlans trusted?
You should see a part in your config like this:
interface fastethernet 1/0
trusted vlan 1-4094
The part in bold is what we need to verify....
02-18-2010 11:45 PM
- Connect the client. When you get the Captive portal, go on the command-line of each controller and type "show user-table verbose".
When you do that it will say what the AAA profile of each is.
Also, type "show interface tunnel (x)" on each side to make sure the tunnels are trusted. In the configuration, when the tunnel configuration does not say "Trusted", it is untrusted.
*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide