06-24-2016 03:49 AM
I´m helping a customer in a integration of their Aerohive APs, specifically the new AP250 and Clearpass Policy Manager.
I found a manual in the community:
I configured CPPM based on third case in the manual (Using Clearpass portal and Clearpass as radius and guest management) but the Aerohive configuration is incomplete and not works as expected.
I created a Self- Registration portal in the CPPM Guest. The behavior just now is:
- User connects to Aerohive Guest SSID. The traffic is sent to CPPM Self- Reg page.
- The user creates a new account on the self registration page and after press Accept he will be moved to login web.
- The user introduces the credentials in the web-login page. CPPM receives the request and I have a service that check the ssid name and if it matches applies the enforcement profile. CPPM responds with an accept or reject if the user is in the Guest Data Base and was introduced correct credential.
- The behavior after CPPM sent reject or accept is:
- When the user introduce bad credentials, CPPM responds with a reject and the Aerohive maintain same role to user and redirect to web-login page to reintroduce credentials.
- When the user introduced correct credentials, CPPM responds with accept and a enforcement profile, composed by some parameters (Filter-id, Tunnel-Medium-Type, Tunnel-Type and Tunnel-Private-Group-Id) that i saw in the manual referred before, specifcally point 1.1.1 but Aerohive never change the user role and redirects the user to web-login page in a continuos loop.
Somebody did this kind of integration before? I understand that is a problem on the Aerohive side, Someone have information about the configuration in that side?