Security

Reply
Occasional Contributor I
Posts: 8
Registered: ‎10-06-2016

Clearpass Social Login with Cisco WLC

I have configured Clearpass to work with a Cisco vWLC (running latest code) to work with 802.1x and guest accounts. But I am having an issue with with the social login part of this. Here is a breakdown: 

 

User connects to the SSID

 

User selects social login to auth against (google, facebook, ect..)

 

Once the user is approved via the social network they are redirected to the Cisco internal login page (1.1.1.1) when they should be sent out to the internet. 

 

once the user either selects "submit" or back they are then routed to the internet correctly. 

 

 

Has anyone seen this before? 

 

I have completely shut down the Cisco internal page but users are still sent there. I am trying to juggle both Aruba and Cisco TAC but thought this might be the best forum to place this question. 

MVP
Posts: 866
Registered: ‎04-13-2009

Re: Clearpass Social Login with Cisco WLC

Hi,

 

Do you have a destination configured for your social logins?

 

2017-01-10 09_51_24-ClearPass_Guest_6.5_User_Guide.pdf - Foxit Reader.jpg

 

Or set here?

 

2017-01-10 09_52_20-ClearPass_Guest_6.5_User_Guide.pdf - Foxit Reader.jpg

 

Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Occasional Contributor I
Posts: 8
Registered: ‎10-06-2016

Re: Clearpass Social Login with Cisco WLC

James,

Thanks a ton for the reply, yes I have both of those configured. 

 

When the the users are connected to the guest network the Aruba CPG page shows up fine, when they select a social media site to login via they are directed to that site (Twitter, FB, Google) but once their creds are accepted they should be sent to the company homepage that is configured in the Destination page that you pointed out, but instead they are directed to the Cisco's internal web auth page (1.1.1.1 virtual interface of the Cisco WLC), from there if the users click back they are then directed to the company homepage and I see them in Access Tracker and everything works. 

 

I should also point out this is only occurring with Social Logins, if a guest is given creds from CPG everything works perfect. 

 

After working with Cisco and Aruba TAC we found that for some reason either the WLC or CP is not sending a request intailly but once "back" is pressed from the 1.1.1.1 the request is then sent and accepted.

 

 

Maybe this could be a timeout??? I just thought of that while typing this out

 

Thoughts? 

Community Administrator
Posts: 2,180
Registered: ‎12-03-2013

Re: Clearpass Social Login with Cisco WLC

rditzler@advizex.com Was TAC able to get you going?

CWNA, ACMP, Security +
Occasional Contributor I
Posts: 8
Registered: ‎10-06-2016

Re: Clearpass Social Login with Cisco WLC

No, Cisco TAC has us pulling wireshark traces from the Controller and Aruba has been very firm that this is a Cisco issue. 

Occasional Contributor I
Posts: 8
Registered: ‎10-06-2016

Re: Clearpass Social Login with Cisco WLC

Got it figured out, the customer needed to purchase a cert in order to use https

 

Thanks,

Reid 

Search Airheads
Showing results for 
Search instead for 
Did you mean: