Security

Reply
New Contributor
Posts: 4
Registered: ‎04-14-2015

ClearPass Guest Captive portal authentication with vlan assignment

I am running into an issue where I have a successful authentication with clearpass guest, user connects to guest SSID --> redirect to captive portal --> user successfully is authenticated, assigned roles and enforcement policies.  However, the enforcement policies access tracker shows that the output of the radius request is to switch user vlan to 400, when looking on the controller this doesn't happen the user stays in the default vlan.

Guru Elite
Posts: 20,775
Registered: ‎03-29-2007

Re: ClearPass Guest Captive portal authentication with vlan assignment

That is because the client does not re-dhcp, because it cannot tell that the underlying vlan has changed.  There are some ways to possibly do this like having a super-short DHCP lease (seconds), but most people abandon trying to do this with a captive portal.  802.1x on the other hand only assigns a vlan after authentication, so it is the perfect place to change or assign vlans after authentication.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 4
Registered: ‎04-14-2015

Re: ClearPass Guest Captive portal authentication with vlan assignment

Thanks for the reply, my client is not in a hurry at the moment so I am going to explore the dhcp lease option with a few other things I have been labbing out.  Will post follow up with results at a later date.

Search Airheads
Showing results for 
Search instead for 
Did you mean: