Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Guest user to CPPM captive portal page access

This thread has been viewed 0 times

  • 1.  Guest user to CPPM captive portal page access

    Posted May 14, 2015 09:05 AM

    I have the following scenario I'm trying to resolve but not sure it's even feasible.  I have several remote sites that have AP 135s provisioned as RAPs so that the corporate SSID and the guest SSID are bridged to the local LAN.  The guest SSID vlan is typically feed by a local cable or DSL modem.  I'm looking for a way to present these guest users a capitve portal page from clearpass.  I setup a user role that uses routing/src nat to get to the CPPM server.  This role works for ICMP traffic but I cannot get to the CPPM server using HTTP.  I'm guessing this is because of the logon and captiveportal ACLs.

     

    Any suggestions or others who have this scenario?



  • 2.  RE: Guest user to CPPM captive portal page access

    EMPLOYEE
    Posted May 14, 2015 09:07 AM
    Captive portal is not available in bridge mode. You would need to use either
    tunnel or split-tunnel.


  • 3.  RE: Guest user to CPPM captive portal page access

    Posted May 14, 2015 09:09 AM

    The forwarding mode of the VAP is set to split tunnel.



  • 4.  RE: Guest user to CPPM captive portal page access
    Best Answer

    EMPLOYEE
    Posted May 14, 2015 09:11 AM

    You need an allow policy at the top of your user role. This will send that traffic down the tunnel.

     

    User   Alias:CPPM servers   SVC-https   Allow



  • 5.  RE: Guest user to CPPM captive portal page access

    Posted May 14, 2015 09:13 AM

    EDIT:SO LATE