10-30-2014 10:58 AM
I have a customer that wants to setup a rule for guest users in CPPM that will put them into the blacklist database if they are connected for more than 24 hours in a three day period. THey are trying to prevent employees from using the guest wifi. The Guest SSID is open and just presents a splash page with terms of acceptance.
They want the blacklisted users to get redirected to another splash page telling them to call the help desk. Aruba says this is possible. Not sure how to do it though.
10-30-2014 10:39 PM
I would work with one of the certified partners that have SQL knowledge.
--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.
11-02-2014 12:34 PM
Here's another option. It sounds like the corporate network might be an 802.1X network. Here's what I helped a customer design, and it's been successful:
1. Client connects to an 802.1X network.
2. They are given an Enforcement profile that sets an attribute for that device
3. This attribute could be defined as, "Secure-Access-Only"
4. The guest network will then have an additional requirement stating that endpoints with "Secure-Access-Only" will not be allowed on
5. A user device will then be sent a RADIUS Deny Access if they try to connect to the Guest network.
Tim (cappalli) wrote a great post outlining how he did this at Brandeis University. It showed the flexibility of using the attributes to achieve this functionality.
Hope this helps!
11-03-2014 07:23 AM
Thanks everyone. That will help get me started. This is a pure guest environment, so I will have to create an attribute based on their session info in the guest world. I will work on creating it for a 802.1x scenario as well. I am quite sure I will encounter that so I need to know how to make that work too.
11-06-2014 05:22 AM
First, go to
Administration > Server Manager > Server Configuration > "A CPPM Server" > "Enable Insight" is checked on the server.
Next, go to:
i. Configuration > Enforcement > Profiles > Click "+Add"
ii. Choose a "RADIUS based enforecement" template
iii. Under the "Attributes" tab, hit the "Click to add" and choose the "Insight Repository"
Hope this helps!