10-01-2013 12:43 PM
What is the best way to have an SSID that is 802.1x, if user fails 802.1x it puts them in a logon stat where they are forwarded to clearpass captive portal to download the quick connect package?
10-01-2013 12:52 PM
This is not possible because we are encrypting the traffic. A failed auth on WLAN 802.1x cannot failback to an initial role with a captive portal. This IS possible on a wired port because there is no encryption. You CAN use a provisioning SSID or use logic within ClearPass to pass back a role with a captive portal however, the initial attempt must use valid credentials.
IF the issue is configuring the supplicant, then you can "host" the quickconnect package on any URL and make sure employees download it before connecting to the SSID.
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos