Controllerless Networks

Hi!

 

Since 6.2 it should be possible to add a captive portal after 802.1x auth, see http://www.arubanetworks.com/techdocs/InstantMobile/Advanced/Content/Chapter11%20Authentication/ConfAccessRuleCPl.htm

 

 

Doing this, the CP is displayed (with just terms & conditions "Accept" - which is, what we want), but the CP is displayed again and again. Sure, because i stay inside this Role which enforces Portal Page again and again.

 

Do i need to assign another role based on the new CP-"authentication"? But how to do this?

 

Something like 

set-role ???? contains accepted "rule-allow-all" 

 

 

Any suggestions?

 

Kind Regards

 

Folke

You would need a policy engine (like Clearpass) to be able to track whether the user has accepted the terms before.

Hi Tim,

 

thanks for your very fast response.

 

But what's the sense that Instant supports internal splash screen as Role-Action ("Enforce Captive Portal") when it's not usable?

 

Is there a way to examine all values usable for role assignment?

 

Kind Regards from Munich

Folke 

Maybe I misunderstood your question.

 

Are you saying the issue is that users are presented the captive portal every time they associate and you'd like them to only accept it once? 

 

-or-

 

Are you saying that the users remain in the captive portal redirect during their session and can't do anything else?

Hi Tim,

 

yes, the users are remaining in the Captive Portal. 

 

My current goal is jus to reach a recurring captive portal as splash screen after every WLAN-Logon (with WPA2-Enterprise)...

 

That a permanently save of "License accepted" flags requires ClearPass  is clear for me.

 

Kind Regards

Folke

We'll have to wait and see what Marcus says. As far as I know, you cannot trigger a role change from a captive portal after an 802.1X authentication without a policy server that can do a RADIUS CoA.

The only time I've used a captive portal after an 802.1X authentication to dead-end a user and show them a "contact the help desk" style page.