Security

Reply
Occasional Contributor II
Posts: 54
Registered: ‎06-27-2016

Redirect Cisco Wired Guests to Captive-portal

Hi

 

I am working in a setup in which the users whom dont have a known MAC address will be assigned to the guest VLAN, and its working fine.

But I want now to redirect their initial web access to the captive-portal page, and then after authentication get full internet access.

What is the procedure for this target?

 

Attached a snapshot for the service I created to authenticate the guest users (non-802.1x enabled users);

if MAC known, then allow-access

if MAC unknown, then assign it to Guest VLAN

 

 

 

Thanks

Mahmoud
MVP
Posts: 4,114
Registered: ‎07-20-2011

Re: Redirect Cisco Wired Guests to Captive-portal

In this link you can find how the enforcement profile needs to be configured and the ACL on the switch
http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Cisco-URL-Redirect/td-p/202713

You also need to make sure the following is enabled on the switch:
Ip device tracking
Ip http server
Ip http secure-server

Get Outlook for iOS
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II
Posts: 54
Registered: ‎06-27-2016

Re: Redirect Cisco Wired Guests to Captive-portal

Hello Viktor

 

Thank you.

but I think the switch must be L3 and the gateway for guest VLAN must be terminated on the testing switch so the access-list can be applied, else it will not be applied, right?

As i am using Cisco 2960 switch in my setup, and the GW for the guest VLAN is terminated in another switch, so what will be the case here?

 

Thanks

Mahmoud
Search Airheads
Showing results for 
Search instead for 
Did you mean: