06-06-2017 05:03 AM
Is there a simple way to bypass Web Auth on Captive Portal on ClearPass.
I have an issue with certain iPhone users and a VPN application on a phone, they can't get onto the network becasue they cant access the portal.
Can we push them into a different role using their MAC for authentication?
Solved! Go to Solution.
06-06-2017 06:30 AM
Yes you can
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
06-06-2017 07:37 AM
06-06-2017 07:42 AM
Workflow is as follows:
1. Device connects to existing SSID gets IP address.
2. Device gets put into new role based on User Defined Rule already configured based on MAC address.
3. New role has firewall policy 'allow all' assigned
4. Device access internet.
I have configured the UDR but the device is staying in the pre-auth role which forwards it to the captive portal. I guess I'm slightly confused with how the flow should be.Thanks
06-06-2017 07:44 AM
06-06-2017 08:13 AM
I take it the Guest Device Portal you mean in the Guest Module - 'Create Device', which I've done and assigned it a Role.
However the device is still trying to do Web Auth according to the Access Tracker and only the once. I've also added the mac to the existing mac auth service, but still cant get it to bypass.
06-06-2017 08:15 AM