11-04-2014 06:54 PM
So I'm setting up a test guest network. I just want to get to the redirect first, then figure the rest out later.
- I have 2x 7240's and 2x 7220's. No other Aruba devices.
- Basic SSID protected by wpa2-psk at the moment (during test).
- Users hop on to an already exisiting VLAN from another VAP that's working.
- Spun up a packetfence box that'll do the external captive portal work.
From the only guide I found here is what I created so far:
New L3 Captive Portal Auth -> Only things I changed is set default role and defaul guest role to the captive-portal role). Disabled User and Guest login. For login page - pointed it http://<packetfence box>/ and disabled welcome page.
New guest-cp role - applied captive portal L3 to it. Only allowing DNS/ DHCP/ and 80+443 to the packetfence IP.
New guest (post-cp) role but that doesn't matter for now as I jsut want to get TO the packetfence box.
Finally, new AAA auth profile - default psk for 802.1x for the temp wpa2-psk and then for all 3 types of roles (initial, mac default, and 802.1x default) all set to guest-cp role as explained above.
My understanding is that's all I should really need under one new VAP for user to hop on, get an IP, go to the browser - type in anything but only get redirect to packetfence.
But watching the browser using dev tools I don't see the redirect come through at all.
Any guides by Aruba or another user would be greatly appreciated. And or any help trying to get through this part.
I followed this guide without the NAT portions or the XMP-API part as I'm not even there yet...
Thanks in advance!
Solved! Go to Solution.
11-04-2014 06:56 PM
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
11-04-2014 07:04 PM
Guess I'll just keep responding here.
I saw that same solution under a few different posts... but I don't think I'm understanding it.
The VLAN the user first gets assigned to is a dhcp network with public IP addresses. The Packetfence box is on another network with a public facing IP as well. What is the dst-nat I'm supposed to be setting? Sorry, total noob here.
11-04-2014 07:06 PM
11-04-2014 07:17 PM
Oh I get it, no it does not. Dang, gotta rethink how that's done then.
Thanks a bunch for your help. Is there a part of a VRD or something Im missing on setting this up or is the guide I posted pretty much it?