07-07-2011 02:13 PM
Are the user name and passwords encrypted so that they are not still clear text?
I know typical captive portal usage has Open wireless networks.
So why https page for authentication?
Are username/passwords able to be sniffed?
Also, if this was Captive Portal is tied to RADIUS or LDAP account, does that mean that domain user accounts are now open over the open wireless network?
I have configured many wireless accounts, most with a default guest username/password.
Now I have a customer who would like to authenticate users this way also for limited access with home laptops, etc. But I am trying to understand possible securtity concerns.
Any aruba documentation references would be greatly appreciated.
07-07-2011 03:21 PM
The user data -after- the login is not encrypted by the captive portal authentication mechanism, so in that way it's exactly like Yahoo mail (secure login, open/non-encrypted user data) sessions.
Hope that helps...
09-16-2011 11:35 PM
09-17-2011 04:54 AM
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs