Controller-less WLANs

How to configure cloud guest SSID on Central
Requirement:

Aruba Central user may need a centralized web-server to host captive portal page for their distributed networks across the globe like coffee shops, restaurant or hotels. 



Solution:

Aruba central 2.0 has a new feature called Cloud Guest or Guest Management that allows administrator to create a splash page for guest users using Web server and radius server running in the cloud. The splash page that admin creates, is hosted on the web server in the Central. When guest user connects to guest WiFi and try to open a web session, IAP will intercept the web session and redirects guest user to splash page. On the splash page (based on authentication type), once user enters his credentials, IAP will do radius authentication with the radius server hosted in the Central. On successful authentication, user will be put in the post authentication role, where user gets more access based on the access rules.



Configuration:

Step 1: Go to Guest Management -> Add new profile

 

 

Step 2: Select Authentication Type

Authentication types can be one of the following:

  • Anonymous login
  • Username/Password
  • Guest operator generated credentials
  • Self registration
  • Social login (integration with Facebook, Google+, Twitter & LinkedIn)

 

 

Step 3: Customization of Splash Page

After basic configuration is done, splash page can be customized to add background colors, text color, company's logo, advertisement etc.

 


 

Step 4: Create new profile for Guest WLAN or edit your existing WLAN profile

 

 

Step 5: Go to Security tab and under Slash Page Type, select Splash page profile that you created

 

 

Visitors

The guest operator can also create guest user accounts. For example, a networks administrator can create a guest operator account for a receptionist. The receptionist creates user accounts for guests who require temporary access to the wireless network. The guest operator can add, edit, and remove user accounts an can specify expiration time for user accounts.

 

Adding a visitor

 

1. To add new visitor, go to the Account tab under Visitor and click on the Add Visitor.

 


2. Guest administrator needs to fill out some basic information to create guest account including guest account validity. Username & Password details can be shared with visitor via email or text message as well.

 



Verification

Once configuration is pushed from Central to IAP, in running configuration WLAN user should be able to see the SSID, captive portal server and authentication server configuration.

 

# show running-config

 

wlan ssid-profile CloudGuest_1
 enable
 index 0
 type guest
 essid CloudGuest_1
 opmode opensystem
 max-authentication-failures 0
 vlan guest
 auth-server AS1_#guest#_            
 auth-server AS2_#guest#_            
 set-role-pre-auth default_#guest#_  
 rf-band all
 captive-portal external profile default_#guest#_   
 dtim-period 1
 inactivity-timeout 60
 broadcast-filter none
 radius-accounting
 radius-interim-accounting-interval 10
 dmo-channel-utilization-threshold 90
 local-probe-req-thresh 0
 max-clients-threshold 64

 

 wlan external-captive-portal default_#guest#_
 server jenkins-guest-aws-81.test.pdt1.arubathena.com
 port 443
 url "/portal/scope.cust-124/default/capture"
 auth-text ""
 https

 

wlan auth-server AS1_#guest#_
 radsec
 ip jenkins-guest-aws-81.test.pdt1.arubathena.com
 port 1812
 acctport 1813
 timeout 20
 nas-id b47319d0-a696-4eff-809c-0a033b82b17e
 rfc3576

 

wlan auth-server AS2_#guest#_
 radsec port 443
 ip cloudguestelb-81.arubathena.com
 port 1812
 acctport 1813
 timeout 20
 nas-id b47319d0-a696-4eff-809c-0a033b82b17e
 rfc3576
Version History
Revision #:
2 of 2
Last update:
‎08-08-2016 11:50 AM
Updated by:
 
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.