01-13-2014 04:08 AM
Is it possible for Aruba Controller to accomplish the following task:
The scenario for RADIUS Access-Reject:
Wireless users --> (Aruba AP) --> Controller --> Redirect to External Portal --> User Portal Login -->
Controller RADIUS request to RADIUS Server --> RADIUS Access-Reject with Reply-Message="22" which means
"Duplicate User Login".
Now, Aruba Controller will redirect client to external portal with parameter errmsg = "Authentication Failed", which is the same with
wrong user name/password.
Is it possible for Aruba Controller to send redirect URL parameter based on RADIUS reply message to distinguish wrong user/password from other reject reason such as duplicate login?
** I know the Controller itself can enable "Allow only one active user session" in captiveportal profile, but unfortunately it is
required to enforce this check on the customer RADIUS, because it serves not only our Aruba Wireless system but other
public wireless access by other vendors.