Security

Reply
Regular Contributor I

ClearPass - Guest Network and NAD IP address

Hi everyone,

 

Just a quick question. When creating a web login page in ClearPass there is a field "Address":

guestnetworknadipaddress.PNG

The description says "Enter the IP address or hostname of the vendor’s product here.". By default it is set to securelogin.arubanetworks.com. Is this the NAD IP address? Because in my case my controller IP address is 192.168.1.96, but with the default setting I can access the web login page successfully. What am I missing?

 

Regards,

Julián

Guru Elite

Re: ClearPass - Guest Network and NAD IP address

No, it needs to be set to the common name of your controller/IAP captive portal certificate.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Regular Contributor I

Re: ClearPass - Guest Network and NAD IP address

OK thanks, then this description is a little bit confusing.

 

Regards,

Julián

Regular Contributor I

Re: ClearPass - Guest Network and NAD IP address

Hi Tim,

 

Please a couple of two more questions about this:

 

1. Why does it need to be set to the CN of my controller captive portal certificate if I am using ClearPass? The captive portal process happens in ClearPass and not in the controller.

 

2. What does securelogin.arubanetworks.com mean exactly? If I issue a nslookup for that name no IP address is returned so how can the client reach https://securelogin.arubanetworks.com?

 

Regards,

Julián

Guru Elite

Re: ClearPass - Guest Network and NAD IP address

1. The client needs to submit the captive portal form to that "virtual name" which is generated based on the common name of the certificate. The controller then generates a RADIUS request to the RADIUS server (ClearPass).

 

2. securelogin.arubanetworks.com is filler text. This needs to replaced with the CN of your captive portal certificate.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: