04-21-2014 04:35 PM
I have CPPM 6.3. My wireless is Juniper and the controller is Juniper 880R running code 8.0.3.
When I create a new SSID for guest and point it to the web portal I created on CPPM and have a machine connect to that SSID, the connection is successful (VLAN working fine) and it gets an IP from the guest subnet, but it fails to redirect anywhere!!
I get "requested server not found due to DNS timeout"
When I connect to any other SSID on the network and I navigate to my CPPM web portal, I can go there with no issues.
On the Juniper controller, by default there is an access list that works for the guest SSID to only allow UDP BOOTP client port 68 to destination BOOTP server port 67. Unfortunately this ACL does not work with CPPM; I assume that the CPPM BOOTP server port is not 67!!
Any help is really appreciated.
04-23-2014 09:42 AM
I called support on this and they weren't that helpful. For some odd reason they told me that I need an Aruba controller with a valid support contract in order for them to help me!! I find this odd because there is no Aruba controller involved in the setup; it is Juniper and ClearPass. They emailed me a list of ACLs that are usually on AOS for ClearPass traffic. I wasn't able to make sense of these ACLs because I'm on a Juniper controller.
Still waiting for some input.
05-06-2014 04:16 AM
Not sure if you still have this issue, but I would just contact support again and provide your ClearPass serial number and explain this issue again.
For the rest, it sounds like you need to modify your ACL to allow DNS and HTTP(S) to the ClearPass.
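
The ACL change suggested in the last reply, modelled as an added example that is not part of any post in this thread and is not Juniper or ClearPass configuration syntax. The addresses, rule format, and first-match/implicit-deny evaluation are assumptions made for illustration; rules match on destination only, so the source port 68 of the default rule is not modelled.

```python
from ipaddress import ip_address, ip_network

# Constructed addresses (documentation ranges), not taken from the thread.
CPPM = "192.0.2.10"        # assumed ClearPass portal address
DNS_SERVER = "192.0.2.53"  # assumed resolver handed out by DHCP
ANY = "0.0.0.0/0"

# Hypothetical rule format: (action, protocol, destination network, destination port)
DHCP_ONLY = [("permit", "udp", ANY, 67)]  # the default guest ACL described in the thread
PORTAL_ACL = DHCP_ONLY + [
    ("permit", "udp", f"{DNS_SERVER}/32", 53),  # name resolution for the portal host
    ("permit", "tcp", f"{DNS_SERVER}/32", 53),  # DNS over TCP for large answers
    ("permit", "tcp", f"{CPPM}/32", 80),        # portal page over HTTP
    ("permit", "tcp", f"{CPPM}/32", 443),       # portal page over HTTPS
]

# Constructed flows a guest client produces before it can display the portal.
FLOWS = [
    ("dhcp", "udp", "255.255.255.255", 67),
    ("dns", "udp", DNS_SERVER, 53),
    ("portal-http", "tcp", CPPM, 80),
    ("portal-https", "tcp", CPPM, 443),
    ("internet", "tcp", "203.0.113.80", 443),  # must stay blocked before login
]

def evaluate(acl, proto, dst, port):
    """First-match evaluation with an implicit deny at the end (assumed semantics)."""
    for action, r_proto, r_net, r_port in acl:
        if r_proto == proto and r_port == port and ip_address(dst) in ip_network(r_net):
            return action
    return "deny"

def blocked(acl):
    """Names of the sample flows that the ACL drops."""
    return [name for name, proto, dst, port in FLOWS
            if evaluate(acl, proto, dst, port) == "deny"]

if __name__ == "__main__":
    print("DHCP-only ACL blocks:", blocked(DHCP_ONLY))
    print("Portal ACL blocks:   ", blocked(PORTAL_ACL))
```

With the DHCP-only list the client gets an address but its DNS query is dropped, which matches the DNS timeout reported above; the extended list lets the client resolve and reach the portal while general internet traffic stays denied until login.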