06-16-2017 04:20 AM
We're currently using a Captive Portal for our Guest Internet connectivity which is hosted on Clearpass, which at this early stage is just using the private IP address of a VIP within Clearpass for the URL, I'm looking to make this look a little nicer by using a domain within the URL.
Our issue currently is that the domain we're looking to use resolves against a Public IP address (our guest environment is using Public DNS servers) and due to company restrictions, we can't have a public facing DNS entry resolve against an internal IP address.
So, I'm looking to understand if it's possible to have some sort of logical IP entry within our Clearpass infrastrcture, that will enable clients to perform a DNS lookup for the Clearpass portal URL 'guests.abcdomain.com' - Which resolves to a Public IP address, for which the Clearpass devices would reply to any traffic requests should we route the traffic for the Public IP address in to Clearpass.
I've played with the idea of changing the URL so something internal, but we as we're using public DNS servers this is a non-starter. Also, within the network equipment involved in the Guest DMZ, we dont have the ability to perform any sort of network address translation. The logical interface within CPPM seems our only option at the moment.
Appreciate people's thoughts.
06-16-2017 04:28 AM
Get Outlook for iOS
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA