Security

Can I use ClearPass Guest to allow users onto the network with just an e-mail address field and a button on the initial redirect page?

I was looking to setup the exact type of experience as mentioned with https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-154 but by using ClearPass instead of straight on the Aruba Controller.

I have the roles setup so that it technically works (meaning the device is already authenticated when they 'register'), but do they have to get a receipt page no matter what?

I guess it just boils down to if they have to get the receipt page.

Checkmark over ride the guest riceipt page and In the header of the receipt page you can put the following code and it will redirect the user.

<p>
    You will be redirected momentary
</p>

<meta http-equiv="refresh" content="2;url=http://www.arubanetworks.com/"> 

Thanks.  That seems to do it.

I'm stuck in a loop going back to the login page over and over after the redirect but I'm pretty sure my setup is wrong.

I'm not sure how to get that first 'submit' (or the receipt page during the auto-refresh?) button to transition the client.

If I check the Override Receipt: option and put in the automatic refresh like you mention I just get bumped back to the initial register page.

The button on that first page must be different than the receipt page (although I can't figure out how) because the device never attempts anything on ClearPass or the Aruba - so my role stays the same and I just start all over again.

Actually I was thinking about this today and I think you still need to add the following script to the bottom field. Of the top of my head I cant remember if you can keep the redirect in or not. Its been awhile since I set it up Lets see if Dave will chime in. :)

<script type="text/javascript"><!--{literal}
addLoadEvent(function() {
Nwa_SubmitForm(_form_name,"ID_"+_form_name+"_submit");
});
//-->
{/literal}</script>

Awesome, thanks a ton Troy.

I had to unckeck the Override Receipt box and put that code in the footer - but now it does exactly what I want.  It seems like without the receipt box the button doesn't exist - therefore cannot be pressed.

The redirect in the refresh doesn't have to work for me because I just use the Controller redirect and it works perfectly.

@JacLuc - Thanks I had that as well - I was asked if I could get it done without the user having to hit another button (as fool-proof as possible).

Its work for me. Thks.

We do this on our captive portal.  We edited the self registraton forms to only ask for an email address and require a check off on the terms of service to register.  Then on the registraton receipt, we enabled the username and password fields but hidden.

So I guess it takes two pages to get on the guest network.  The initial registration page. then they get the receipt page that only shows them the length of time the account is active with a login button that signs them into the Guest network.