Security, WIDS/WIPS and Aruba ECS

Reply
New Contributor
Posts: 4
Registered: ‎07-12-2010

Captive Portal for Guests Not Working

the captive portal for our San Antonio office is not working properly. Right now, any guest can log onto the guest network without being prompted for a username and password. It is set up the same as our Dallas controller which works fine. When I compare the configuration, everything looks perfect. Is there something I could be missing?
Aruba Employee
Posts: 455
Registered: ‎04-02-2007

Re: Captive Portal for Guests Not Working

Hi Scott,

Are you sure the initial roles are the same, and the CP profiles are all there? My guess is the initial role is set to authenticated or guest, not to logon. Posting partial configs will probably help us out on this.

thanks,
-awl
Andy Logan, ACDX
Director, Strategic Account Solutions
Aruba Networks
Aruba Employee
Posts: 664
Registered: ‎04-15-2009

Re: Captive Portal for Guests Not Working

Scott,

As Andy said, it is probably due to the initial role in the AAA profile allowing traffic that should be redirected to the CP. For instance, if you are using "guest" as the initial role, then anyone that connects will be allowed to get an IP address, resolve DNS and browse the Web (tcp/80 and tcp/443) without any authentication. If the initial role is "authenticated", all packets are allowed before authentication. The initial role should probably be "guest-logon". That role allows DHCP and DNS, but if any tcp/80 or tcp/443 packets are sent, they are redirected to the CP.

See what AAA profile you are using under the VAP that houses the guest SSID and verify the initial role. If it is not correct, go into the AAA profile (Configuration > Authentication > AAA profiles) and change it to guest-logon.
Occasional Contributor I
Posts: 7
Registered: ‎08-17-2010

Re: Captive Portal for Guests Not Working

What os are you running? I had this same issue and it made CRAZY for about a week. I finally called support and turns out that I was running a version of code that killed the CP and the webserver. Nice testing aruba! I think that was version 5.0.1
Guru Elite
Posts: 19,990
Registered: ‎03-29-2007

Imagine...

If you opened a support case the first day.....
Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Occasional Contributor I
Posts: 7
Registered: ‎08-17-2010

Re: Captive Portal for Guests Not Working

Now you sound like my boss. You learn nothing if you call for help everytime something MIGHT be wrong. How many times have you done something and it did not work and turns out it was your fault? Or some setting you missed or set wrong? I am not going through the pain of dealing with India if its something simple that I missed. This time it turned out to not be my fault and I was gonig to make sure of that.

Now if aruba support was in america and I could understand them maybe my thought process would be different.
Guru Elite
Posts: 19,990
Registered: ‎03-29-2007

My bet....

Is still on 1st level TAC the first day, because they know about all the Zero-Day issues that can save you considerable amounts of time...
Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Search Airheads
Showing results for 
Search instead for 
Did you mean: