Security

Reply
MVP
Posts: 778
Registered: ‎03-25-2009

NAS vendor settings - redirect url used?

So I've got a setup with a couple Aruba controllers running a wildcard certificate with Clearpass to provide the guest portal.

After authenticating the users browser initiated the https form submit back to the controller to finish the logon.

 

This last redirect (back to the controllers) keeps using aruba.company.com.

This is the value I had set as the vendor ip/hostname of the controller in Clearpass and was the actual certificate used when there was only 1 controller. I have since changed that name in CPPM (and removed the old certificate on the controllers) to somethingelse.company.com however. On the controller CP profile the welcome page mentions just "/auth/welcome.html".

That aruba.company.com logon keeps working even though it resolves to a non-existing address so there's no major issue, but I would love to understand the reason why it doesn't take my new value of somethingelse.company.com.

 

Anyone got any clues?

Koen (ACMX #351 | ACDX #547 | ACCP)

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Guru Elite
Posts: 21,491
Registered: ‎03-29-2007

Re: NAS vendor settings - redirect url used?

Just to make sure I understand:

 

1- You have a regular certificate and not a wildcard certificate

2- Clearpass is being used as the external captive portal

3- Clients are being authenticated correctly and getting onto the internet

 

Question:

 

Where are you putting the value of "somethingelse.company.com"?  Are you putting it on the controller, or in clearpass and in what field?

 

 

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 778
Registered: ‎03-25-2009

Re: NAS vendor settings - redirect url used?

1. clearpass cert is single SAN, controller cert is wildcard (2 controllers with same cert)

2. yes, clearpass as external portal

3. yes, so more a cosmetic issue than anything else but I want to understand why this is happening

Koen (ACMX #351 | ACDX #547 | ACCP)

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Guru Elite
Posts: 21,491
Registered: ‎03-29-2007

Re: NAS vendor settings - redirect url used?

Question:

 

Where are you putting the value of "somethingelse.company.com"?  Are you putting it on the controller, or in clearpass and in what field?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 778
Registered: ‎03-25-2009

Re: NAS vendor settings - redirect url used?

[ Edited ]

Clearpass side

 

 2015-12-02 12_17_08-Customize Guest Registration.png

Koen (ACMX #351 | ACDX #547 | ACCP)

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Guru Elite
Posts: 21,491
Registered: ‎03-29-2007

Re: NAS vendor settings - redirect url used?

That would only be used if the guest is using the automatic login as part of the workflow.  Is that how you have it configured?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 778
Registered: ‎03-25-2009

Re: NAS vendor settings - redirect url used?

Yes, after sponsor confirmation the guest only needs to click the ok button and everything is done for him.

Koen (ACMX #351 | ACDX #547 | ACCP)

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Guru Elite
Posts: 21,491
Registered: ‎03-29-2007

Re: NAS vendor settings - redirect url used?

Before the guest clicks on "Login", I would "view source" in the browser to see what is there.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

MVP
Posts: 778
Registered: ‎03-25-2009

Re: NAS vendor settings - redirect url used?

A whole lot of javascript but nowhere any reference of the aruba. url or even the controller. url.

The ip address of the controller I do find as the value of a hidden input field.

 

But then again, where does it get the aruba.company.com part from?  :/

 

Koen (ACMX #351 | ACDX #547 | ACCP)

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Guru Elite
Posts: 21,491
Registered: ‎03-29-2007

Re: NAS vendor settings - redirect url used?

It gets the post from that fqdn, IF you have it in the right place.  Hopefully you do not have more than one guest registration page and you are not referring to the wrong one.  Someone needs to look over all of your settings to make sure you have everything in place.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: