Security

Reply
Frequent Contributor I
Posts: 87
Registered: ‎08-05-2013

ClearPass - Guest Self-Provisioning Cert Issue

After guests attach to the Guest SSID they are redirected to ClearPass for the employee sponsorship piece.  When the redirection happens the guest is prompted with a cert warning (general warning saying 'click here to proceed (not recommended)'.  When proceeding to the self-registration page it works just fine, however I'm looking for a way to elminate the cert from the equation.  I noticed that the guest is redirected to internal data plane IP of the ClearPass server via HTTPS. Is there a way to redirect to the hostname?  Guests aren't going to our internal IP's and will always get cert errors in the process.  Trying to make this as streamlined as possible. 

Aruba
Posts: 1,635
Registered: ‎04-13-2009

Re: ClearPass - Guest Self-Provisioning Cert Issue

[ Edited ]

You can configure your captive portal profile on the controller to not require HTTPS and also configure CP Guest to do the same.   Alternatively you can install a publically trusted certificate.

 

Controller:

aaa authentication captive-portal "<Your-CP-Profile>"

   protocol-http

   login-page "http://hostname/guest/guest_page.php"

 

ClearPass Guest:

Configuration --> Authentication

 

cppm-no-https.png

 

 

 

 

------------------------------------------------
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX

Frequent Contributor I
Posts: 87
Registered: ‎08-05-2013

Re: ClearPass - Guest Self-Provisioning Cert Issue

You are amazing.  Works like a champ.  THANK YOU for the quick response!!

Search Airheads
Showing results for 
Search instead for 
Did you mean: