Security

Reply
Contributor I
Posts: 38
Registered: ‎06-25-2013

Clearpass Guest Deployment

Hi Guys,

 

I just wanted to run something by you guys for a Clearpass Guest Deployment.

 

One of my clients is looking to deploy a basic guest wireless from an Instant Access point. They want the users to input the pre-shared key and after that they would like them to get a captive portal page where they accept the terms and conditions.

 

The problem is with the captive portal page. Here is some basic info on the deployment:

 

  • 30 sites with 1 IAP at each site broadcasting the SSID
  • The IAP is attached to a broadband router, which is attached to an ADSL line
  • It is very unlikely that these 30 sites have direct connectivity with each other. I.e no MPLS network to link them together or WAN so we will be relying on the Internet

 

I wanted to ask you guys to clarify the following:

 

  • How will the IAP communicate to the centrally hosted clearpass server?
  • How do I add these IAP’s into Clearpass as they will have a 192.168.x address from the router
  • What kit list is required from Clearpass, i.e I know I need the Clearpass server & licenses, but have I missed anything else?

 

Hope you guys can answer my request with a nice easy solution J

MVP
Posts: 109
Registered: ‎01-05-2015

Re: Clearpass Guest Deployment

You'll have to provide a public reachable address for the clearpass. Source NAT for the 2nd question

MVP
Posts: 109
Registered: ‎01-05-2015

Re: Clearpass Guest Deployment

Note regarding the first bit: if you're using DNS name instead of IP address, you'll also need a publically resolvable address. guest.company.com/guest/page.php has to lead them to your ClearPass from the internet. This will be a public address. 

 

You can use destination NAT for masking your ClearPass behind that public address. 

Search Airheads
Showing results for 
Search instead for 
Did you mean: