Security

Reply
Occasional Contributor II
Posts: 17
Registered: ‎05-26-2011

Authenticated Guest User Web Page Redirect Based Upon Username Login ID

I understand in the captive portal auth profile on the controller you can have a welcome page for all guest users who successfully authenticate. My question is based upon the username given for authentication, is there a way to provide a different welcome page based upon this criteria.

 

For example: the guest captive portal configuration profile on the controller shows the welcome page to be: http://www.google.com

 

But what if the username had arubanetworks in the username; could we have the welcome page to go to http://www.arubanetworks.com instead?

 

We do not want to create a new SSID, login page etc if not possible. I was thinking maybe based upon the username coming into ClearPass, the client would get a role that has a webpage redirect in it for the welcome page. Just not sure if this is possible.

 

Any thoughts/ideas?

Jimmy Brown
Network Security Engineer
ACCP
MVP
Posts: 505
Registered: ‎05-11-2011

Re: Authenticated Guest User Web Page Redirect Based Upon Username Login ID

Thats why we use ClearPass ;)

 

But ok - that aside lets see how this works.

 

The initial Captive Portal you land on can be whatever. Just a plain html with some links if you will.

 

This post on the partnerweb will give you some more insights:

https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-154

Also use the AOS user guide starting from "Installing a New Captive Portal Page" (I used the 6.3 doc)

 

So I'm thinking this flow could work..

Config would be almost the same as the above link:

  • aaa authentication captive-portal "custom-cp"
  • user-logon
  • no guest-logon
  • no logout-popup-window
  • enable-welcome-page
  • welcome-page "your-auto-redirect.html"

 

The initial login page has a webform that submits username/password to a itself or a new page. Javascript checks the username and based on your criteria it creates a cookie that has the correct redirect URL (the AOS UserGuide has almost all the details for how to do this). I'm a little sketchy on how to proceed here, but you could have a "continue" button that submits the username/password to "/auth/index.html/u" ann authenticates you.

Then the welcome page is triggered and here you should pick up on the cookie and do an automatic redirect based on the value of the cookie. This also is in the AOS UG for how to do.

 

This should work - in theory :)


Regards
John Solberg

-ACMX #316 :: ACCP-
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
Search Airheads
Showing results for 
Search instead for 
Did you mean: