Security

Hi All,

Can someone please try to help me out here, When I connect to my guest network my controller points me to the webauth page clearpass is hosting for me.

but, it fails to load the page because "TOO_MANY_REDIRECTS"

it looks like it apphends the switch and ap information to the end of the login page address. like this:

https://myloginpage.xxxxx.xxx/?cmd=login&switchip=xx.xx.xx.xxx&mac=00:00:00:00:00:00&ip=xx.xx.xx.xxx&essid=XXXXX%2Dtest@apname=myapname&url=https%XX%XX%XX.... so on and so on for another 100+ chars....

anyone see this before? or know how to stop it?

Thanks alot

Jay

it will append that information as part of the redirect, but in either the RADIUS server settings or captive portal profile settings you can opt to have some of that information included in the redirect or not.

The user connects to guest, tries to browse to a page and gets redirected, but the page displays "too many redirects". What path is the guest traffic taking, is it going outside the network, then back in through a NAT on a firewall or is it staying internal the whole time?

Are you using any kind of landing pages for time-based or device-based redirection besides the normal registration / login page?

The Guest traffic stays internal. I have all of the additional options to include things in the redirect uncheck on the captive portal settings.

Im not using anything but a standard login page on clearpass. Very basic for now.

I am only using clearpass for the webpage. RADIUS happens on my ISE server right now.

Hello,

you will need to whitelist your captive portal page before your natting to the controller (which throws in the redirect to the clearpass) is done; otherwise he will go into a redirect loop (you need to allow http and https to your captive portal)

Are you working with Aruba controllers ? On the L3 profile you can whitelist pages; make sure you whitlist your captive portal