Hi guys,
Finally back on site for with a fresh mind for another round, making some headway this time...
Not sure if I was asleep or just not paying attention when I initially set it up. I had a RADIUS auth service set for the web login page that handled the request coming from the WLC, but that information did not include any MAC address information with it. I had pre-auth check set to none.
Once I configured the pre-auth check for RADIUS and created a new service to handle it I was able to successfully use my post authentication enforcements on the endpoint, changes were reflected properly in the endpoing DB.
The other issue that threw me for a loop is my captive portal assistant wasn't behaving properly on my Pixel. It would load the CP, I would log in and it would attempt to post the creds, but fail and then immediately reload the CP page in Chrome where it would then work properly.
When I bypassed the CP assistant on the Pixel and just went straight to Chrome, it was successful on the first attempt.
MAC caching is also verified functioning correctly.
Thanks for the help and sanity checking my config guys. Got 'er beat!
Tim Friesen
ACMP/ACCP/CWNA/CWSP