Security

Reply
Occasional Contributor I

Clear Pass integrate with Cisco WLC

Hi,

 

I try to depoloy the ClearPass with Cisco WLC, so that when user connect to the wifi, it will redirect to Clear Pass captive portal for authentication.

   - Clear Pass IP address: 192.168.1.210/23

   - Cisco WLC IP address: 192.168.0.56/23

   - GW: 192.168.0.1/23

 

When connect to the wifi, and try to access google.com. it can redirect to the Clear Pass captive portal; however, after login successful, it does not redirect to google.com, it redirect to Cisco WLC IP address, and cannot browse website. When I try to access google.com again. it also redirect to Clear Pass captive portal again and again as a loop. 

 

The setting for Cisco WLC and Clear Pass as attachment.

 

Thanks a lot for your help.

Kevin

Re: Clear Pass integrate with Cisco WLC

Hi,

I DropBoxed a folder with importent info for u. (Link at the bottom of this post)

Capturea.PNG

Please download - and read a bit

here is the link: (might contain duplicate docs - but importent and helpful info)

https://www.dropbox.com/sh/ofjoxg394v9f9tg/eTkB1DEVV8

 

Let us know - if u figure where is your mis-configurtion.

 

have a gr8 day.

 

me

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Occasional Contributor I

Re: Clear Pass integrate with Cisco WLC

Hi kdisc98,

 

The document is for Aruba Wireless integrate with ClearPass, but on my scenario, it use Cisco Wireless Controller 2504 instead of Aruba Wireless Contoller. And on this part as attachment, I'm not sure which IP address I need to specify for the correct one, if I put ClearPass IP address, it will redirect to ClearPass welcome page after guest login sucessful, not rediect to google.com as I type on the web page. If I put Cisco WLC IP address, it cannot browse to any web page although guest login sucessful.

 

Regards,

kevin

Re: Clear Pass integrate with Cisco WLC

Please read here: (thoese are CCPM to CIsco docs)

https://www.dropbox.com/s/0vjcivcxmc5xe0f/Cisco%20Switch%20Setup%20with%20CPPM-v1.2.pdf

 

You need to configure more things (not only Guest portal)

 

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************

Re: Clear Pass integrate with Cisco WLC

You might useful info,also here:

ftp://ftp.dell.com/Manuals/all-products/esuprt_ser_stor_net/esuprt_powerconnect/powerconnect-w-clearpass-100-software_User%27s%20Guide7_en-us.pdf

 

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************

Re: Clear Pass integrate with Cisco WLC

Can u please send your access tracker logs (is there any errors after you trying to login via the captive?)
*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Frequent Contributor II

Re: Clear Pass integrate with Cisco WLC

Your service that you have in your attachments is for mac auth. Do you have the service for web-auth? What version of CPPM do you have?
Occasional Contributor I

Re: Clear Pass integrate with Cisco WLC

Hi kdisc98,

 

The access tracker logs is nothing display.

 

Hi sdr53,

 

Can you tell me what service I need to configure for the cisco wlc authentication as attachment, because before I try the 802.1x Wireless service, but the error still same as I mention above. Now I'm using ClearPass Policy Manager 6.3.0.60730 version.

 

Thanks

Kevin

Frequent Contributor II

Re: Clear Pass integrate with Cisco WLC

Is this for an open authentication network with mac caching?

You can just use the generic radius type. Then use the service rules so they are radius NAD IP address = IP address of controller.

Then if you do mac caching you need a service that will check the MAC address. I think you had that service posted in original post.

Ps you might want to upgrade to 6.2.4. You can then have central web-auth. (Like cisco ISE).
Occasional Contributor I

Re: Clear Pass integrate with Cisco WLC

Hi sdr53,

 

So the configuration as attachment is correct?

 

Now the version for CPPM is 6.3.0.60730, so what you mean need to upgrade to 6.2.4, is it downgrade or upgrade?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: