Security

Reply
New Contributor
Posts: 4
Registered: ‎06-03-2016

Webauth redirect issue

Hi All,

 

Can someone please try to help me out here, When I connect to my guest network my controller points me to the webauth page clearpass is hosting for me.

 

but, it fails to load the page because "TOO_MANY_REDIRECTS"

 

it looks like it apphends the switch and ap information to the end of the login page address. like this:

 

https://myloginpage.xxxxx.xxx/?cmd=login&switchip=xx.xx.xx.xxx&mac=00:00:00:00:00:00&ip=xx.xx.xx.xxx&essid=XXXXX%2Dtest@apname=myapname&url=https%XX%XX%XX.... so on and so on for another 100+ chars....

 

anyone see this before? or know how to stop it?

 

 

Thanks alot

 

Jay

MVP
Posts: 344
Registered: ‎05-09-2013

Re: Webauth redirect issue

it will append that information as part of the redirect, but in either the RADIUS server settings or captive portal profile settings you can opt to have some of that information included in the redirect or not.

 

The user connects to guest, tries to browse to a page and gets redirected, but the page displays "too many redirects". What path is the guest traffic taking, is it going outside the network, then back in through a NAT on a firewall or is it staying internal the whole time?

 

Are you using any kind of landing pages for time-based or device-based redirection besides the normal registration / login page?


Michael Haring | Senior Network Engineer
Comm Solutions, an Optiv Security Company
www.commsolutions.com | www.optiv.com
Frequent Contributor I
Posts: 77
Registered: ‎10-15-2012

Re: Webauth redirect issue

[ Edited ]

Hello,

 

you will need to whitelist your captive portal page before your natting to the controller (which throws in the redirect to the clearpass) is done; otherwise he will go into a redirect loop (you need to allow http and https to your captive portal)

 

Are you working with Aruba controllers ? On the L3 profile you can whitelist pages; make sure you whitlist your captive portal

 

 

Thomas
ACMX#370 ACCP

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
New Contributor
Posts: 4
Registered: ‎06-03-2016

Re: Webauth redirect issue

The Guest traffic stays internal. I have all of the additional options to include things in the redirect uncheck on the captive portal settings.

 

Im not using anything but a standard login page on clearpass. Very basic for now.

 

I am only using clearpass for the webpage. RADIUS happens on my ISE server right now.

Search Airheads
Showing results for 
Search instead for 
Did you mean: