01-11-2017 08:32 AM
Hi, I have a local controller and a DMZ controller setup, i have an external captive portal and Guest self-registration enabled. Under my Guest self-registration profile i have NAS vendor setting with "send Cleartext password over HTTP"
, everything is working, I am just curious why when credentials are sent over HTTP and the credential are either invalid or expired it shows "Internal server error"
but when HTTPS is selected under NAS vendor setting if the credentials are wrong it send you back to the captive portal with an "authentication failed "null"??
I know that i can select Pre-Auth and avoid this but for me is not an option since i am using an external authentication souce "Active directory" I am attaching a couple of screenshots so all makes more sense. BTW i am using OS Version 220.127.116.11 on the controllers.
01-17-2017 08:21 AM
A couple of things:
- Pre-auth can be used with non-guest sources. You just have to choose RADIUS or application and then create a service in ClearPass to handle the request
- Looks like you're using the default controller certificate. Please replace it. https://community.arubanetworks.com/t5/Controller-Based-WLANs/ArubaOS-Default-Certificate-Revocation-FAQ-Controllers/ta-p/275809
01-25-2017 09:23 AM
Hi, sorry for me late response,
- Pre-auth can be used with non-guest sources. You just have to choose RADIUS or application and then create a service in ClearPass to handle the request.
Can this be done with Guest self-registrations? I see the option with Web Logins
And for the certificate I am changing it, building the CA on my lab still.