Hi:
I'm trying to get wired captive portal guest access working with a Cisco switch.
I realize this needs two services. The initial mac-auth service is working fine... returning the redirect-url and redirect-url-acl to the switch.
But I'm having problems with the captive portal.
We are browsing to http://<clearpassIP>/guest/ciscowiredguest.php?mac=11:22:33:44:55:66, and that brings up the login form.
But when I enter a known guest account and click submit, Access Tracker shows a REJECT. The message is: "Failed to classify request to service" The autentication attempt comes in with just the user name - no other info.
I have an active service of type "Web-based Authentication" and the rule is:
Host - Checktype - MATCHES_ANY - Authentication.
Is there some other rule I need to make this work?
Is there a special configuration needed for the captive portal login page?
Am I correct in understanding that the switch is not involved in this part of the transaction (until it succeeds, of course, at which point it gets a CoA Terminate session)?
Thanks.