Hi All,
Topology:
Guest users --------->cisco Switch 2950 ---------> CISCO ASA firewall----------->ARUBA CPPM 6.2 version.
Requirement :
a. Guest user will connect his laptop to DOT-1x enabled port on switch.( As per end customer information he will get IP from guest VLAN ID X because in switch he is configure guest vlan as X )
b. After getting Pre-VLAN IP the end user open up a browser and gets captive portal page. ( Client will take care of redirection part ).
c. In captive portal page guest enters his AD credential. After Successful authentication the user has to move to New VLAN Y.
Here guest user is nothing but an employee with personal laptop.
So the client is advicing me to do SNMP bounce on port.
How to perform this configuration.
what are the configuration that i need to do in CPPM, what are the ports need to be open on firewall.
Note : 2950 switch does not support MAB.
Will the following configuration works.
1. Selecting health check enabled captive portal page.....attached
2. Creating service as web-auth with authentication as corporate AD and posture as simple as just check for antivirus.
and enforcement profile as ....attached
where VLAN_ Enforcement_for _nac_netops is post vlan.
Will this configuration work.
will the client hit same web-auth service second time so that depeding on health information we can move guest into Post_vlan.
thanks in advance.
Regards,
Nithin