Security

Reply
Occasional Contributor II
Posts: 13
Registered: ‎02-01-2013

Captive portal redirect no longer workins

We have two wireless LAN's configured one with internal access to our network the other for guest which is connected directly to our ISP modem. The controller is on our internal LAN as well, this separation of the guest wireless network from the firewall was the last network change made since the last time i knew the portal to be redirecting. Would the fact that the wireless vlan associated to this guest network no longer has connectivity to the private lan cause the portal NOT to work, i would think since the vlan obviously has connectivity to the controller via the AP and the controller is where the portal, accounts, and policies are created me seperating it from the LAN would not have broken anything. In terms of how it was previously connected, the physical port on the controller designated as the guest wirless lan was connected to a port on our perimeter firewall and i created access rules there for it accessing internal servers/services. Where as now that port is connected directly to the ISP modem. Any help is greatly appreciated.

Guru Elite
Posts: 21,027
Registered: ‎03-29-2007

Re: Captive portal redirect no longer workins

Yes.

 

The controller:

 

- Needs a physical port on that ISP VLAN

- Needs an ip address in the private range of that ISP modem that it is giving out to its clients via DHCP

- Needs to have a command run "ip cp-redirect-address <ip address of controller on that private range>"

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 13
Registered: ‎02-01-2013

Re: Captive portal redirect no longer workins

Thank you for the quick reply, the wireless network using the portal is configured as such clients get DHCP from the controller, there GW is 172.17.1.1 which is also the GW for the private network of the ISP modem, 172.17.1.6 is the address of the local interface on the controller. So i believe the first steps you suggested i did already, the last step, issuing the captive portal redirect command pointing it to 172.17.1.6 unfortunately it still does not auto redirect, if i manually type in the url for the portal including ip it works.

 

 

Guru Elite
Posts: 21,027
Registered: ‎03-29-2007

Re: Captive portal redirect no longer workins

does DNS function for those clients?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 13
Registered: ‎02-01-2013

Re: Captive portal redirect no longer workins

Is it necessary to specifiy the VLANID in the user role which uses the captive portal policy?

Guru Elite
Posts: 21,027
Registered: ‎03-29-2007

Re: Captive portal redirect no longer workins

It is not.

 

what is important is that client can resolve DNS.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 13
Registered: ‎02-01-2013

Re: Captive portal redirect no longer workins

yes DNS is pointing to the ISP DNS servers, i just did a nslookup and it resolves. I have total Internet connectivity just w/o authenticating through the portal.

Guru Elite
Posts: 21,027
Registered: ‎03-29-2007

Re: Captive portal redirect no longer workins

And the client can resolve DNS BEFORE authenticating, is what I meant...



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II
Posts: 13
Registered: ‎02-01-2013

Re: Captive portal redirect no longer workins

no authentication occurs, from a laptop you can simply select the wireless network and hit connect and you have internet access your not sent to the portal to enter the username and pw as was the case before i eliminated the FW from the setup.

Guru Elite
Posts: 21,027
Registered: ‎03-29-2007

Re: Captive portal redirect no longer workins

Okay. 

 

So what role does the user end up in when he associates to the network?  You would have to change your Initial role for the AAA profile of that WLAN to "***logon" to bring up the Captive Portal.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: