Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CP final authentication

This thread has been viewed 1 times

  • 1.  CP final authentication

    Posted Oct 06, 2016 05:04 AM

    I am trying to understand the mechanics of the last part of authentication and final step in internet access for guest clients.

    In my scenario I have a ClearPass setup that returns the string server.customer.com instead of the securelogin.arubanetworks.com default cert.

    What happens with this string when passed back to the controller/client - does the client do a DNS lookup for this?.

    I read somewhere this is the case and the controller then intercepts this and does something with this request but I'm not sure specifically what.

    I would appreciate some help understanding this so I can fill in the blanks.



  • 2.  RE: CP final authentication

    EMPLOYEE
    Posted Oct 06, 2016 06:24 AM
    The fqdn should be for the captive portal certificate on the controller. The controller automatically intercepts DNS requests for the fqdn of its captive portal certificate and responds with its own IP address. That way, when the user clicks on submit, the request is always sent to the controller.


  • 3.  RE: CP final authentication

    Posted Oct 14, 2016 05:25 AM

    I think I follow that - so when the user clicks the login button (Specifically on the receipt page from a clearpass based web page) he is then attempting to open up a web page at securelogin.arubanetworks.com which triggers the DNS lookup?



  • 4.  RE: CP final authentication

    Posted Oct 27, 2016 03:23 AM

    Anybody know the details of this trigger?



  • 5.  RE: CP final authentication

    EMPLOYEE
    Posted Oct 27, 2016 05:13 AM
    @MDRF wrote:

    I think I follow that - so when the user clicks the login button (Specifically on the receipt page from a clearpass based web page) he is then attempting to open up a web page at securelogin.arubanetworks.com which triggers the DNS lookup?

    Yes.  The controller always intercepts DNS requests for the common name of the certificate installed on the controller and replies with the ip address of the controller.