Security

last person joined: 12 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Redirecting to Cloud Path with Open SSID

This thread has been viewed 5 times

  • 1.  Redirecting to Cloud Path with Open SSID

    Posted May 21, 2013 09:53 AM
    The issue I am having is the Redirect given by Cloud Path. The instructions are for a Cisco Controller and they have nothing on there site for Aruba. I am currently using the 105 controller less AP's The Open SSID has been created and a Role for for access. I am having difficulty getting the Access Rules to match up to what is needed. The following is what is given to me by Cloud Path. Define an ACL which allows access to the XpressConnect webpage. Log into the Cisco WLAN Controller. Along the top, click on the Security tab. Along the left, click on the Access Control Lists link. To add the ACL, do the following: Click New.... In the Access Control List Name field, name the ACL Unauthenticated. Click Apply. Next to the Unauthenticated ACL, click Edit. Click Add New Rule. Add the following rules: Sequence 1, Destination [XpressConnect IP Address], Protocol TCP, Destination Port HTTP*, Action Permit Sequence 2, Source [XpressConnect IP Address], Protocol TCP, Source Port HTTP*, Action Permit Sequence 3, Protocol UDP, Source Port DHCP Server, Action Permit Sequence 4, Protocol UDP, Source Port DHCP Client, Action Permit Sequence 5, Protocol UDP, Source Port DNS, Action Permit


  • 2.  RE: Redirecting to Cloud Path with Open SSID

    EMPLOYEE
    Posted May 27, 2013 09:19 AM

    You should consult the Instant AP user guide for the portion "Configuring External Captive Portal Authentication for a Network Profile "



  • 3.  RE: Redirecting to Cloud Path with Open SSID

    Posted Jun 07, 2013 07:06 AM

    Here's a CLI configuration that redirected clients to an external, Cloudpath, captive portal page:

     

    aaa authentication captive-portal "Portal-AuthOnly-Profile"
       default-role "NonAuth-Guest"
       server-group "Portal-Server-Group"
       redirect-pause 1
       welcome-page "http://wireless.domain.edu"
    !

     

    The user role that called this captive portal looked like this:

     

    user-role Portal-AuthOnly-Login
       captive-portal "Portal-AuthOnly-Profile" 
       session-acl logon-control
       session-acl captiveportal
    !

     

    I think that you're trying to configure the captive portal with the firewall rules, which is something that I did when I first started using the Aruba solution. In the GUI, you'll need to remember to select the Captive Portal profile and then hit the "apply" button before saving your work. 

     

    Let us know if that helped you out.

     

    -Mike



  • 4.  RE: Redirecting to Cloud Path with Open SSID

    Posted Jun 28, 2013 02:05 PM

    How do i do this on the Instant AP's.



  • 5.  RE: Redirecting to Cloud Path with Open SSID

    Posted Jun 29, 2013 10:34 AM

    Hi Bsossamon,

     

    There are two ways to do this, the easiest being via the wizard. 

     

    1. Click "New" under the Networks on the left-side of the Instant control panel.

    2. When you get to step 4 in the wizard, moving the sliding scale on the left-hand side to "Network-based."

    3. In the "Access Rules" on the right-hand side, select "New."

    4. A popup box will now appear.

    5. Under "Rule type," select "Captive Portal"

    6. Next, under "Splash Page type," select "External"

    7. Under "IP or Hostname," place the address where you've unzipped and installed the Cloudpath instance.

    8. Add a "Redirect URL" to your company, school, or business to let the connected user know that they're finished.

     

    I tested this out on an Instant cluster with a Cloudpath instance and it worked as expected.

     

    -Mike