07-26-2016 02:10 PM
I just wanted to run something by you guys for a Clearpass Guest Deployment.
One of my clients is looking to deploy a basic guest wireless from an Instant Access point. They want the users to input the pre-shared key and after that they would like them to get a captive portal page where they accept the terms and conditions.
The problem is with the captive portal page. Here is some basic info on the deployment:
- 30 sites with 1 IAP at each site broadcasting the SSID
- The IAP is attached to a broadband router, which is attached to an ADSL line
- It is very unlikely that these 30 sites have direct connectivity with each other. I.e no MPLS network to link them together or WAN so we will be relying on the Internet
I wanted to ask you guys to clarify the following:
- How will the IAP communicate to the centrally hosted clearpass server?
- How do I add these IAP’s into Clearpass as they will have a 192.168.x address from the router
- What kit list is required from Clearpass, i.e I know I need the Clearpass server & licenses, but have I missed anything else?
Hope you guys can answer my request with a nice easy solution J
07-27-2016 12:53 AM
Note regarding the first bit: if you're using DNS name instead of IP address, you'll also need a publically resolvable address. guest.company.com/guest/page.php has to lead them to your ClearPass from the internet. This will be a public address.
You can use destination NAT for masking your ClearPass behind that public address.