Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Wired Captive Portal

This thread has been viewed 5 times

  • 1.  Wired Captive Portal

    Posted Jan 08, 2013 05:11 PM

    I searched but didn't see that anyone had asked this previously. 

     

    Is anyone using Clearpass Guest or CPPM with Captive Portal device registration for a Cisco Switching environment?  We're Aruba on Wireless and Cisco on Wired currently.  We're trying to replace our current Device registration system in our residential complex and would like to leverage our use of Clearpass Guest if possible.  

     

    I'm currently running Clearpass Guest/Amigopod 3.9 and plan to move to 6.0, or likely 6.1, in the next few months.   Any direction would be greatly appreciated.  Thanks.



  • 2.  RE: Wired Captive Portal

    EMPLOYEE
    Posted Jan 08, 2013 09:06 PM

    I would terminate that wired Cisco VLAN into an untrusted interface of an Aruba Controller and take it from there.

     



  • 3.  RE: Wired Captive Portal

    Posted May 14, 2013 04:34 PM

    Have you had any luck with Cisco Wired Captive Portal & Clearpass? 



  • 4.  RE: Wired Captive Portal

    Posted May 14, 2013 11:07 PM

    I've attempted local web auth (on a catalyst 2960) and it was painful, so I gave up on it.  I'm going to try Colin's suggestion as others have also pointed me in this direction.



  • 5.  RE: Wired Captive Portal

    Posted May 15, 2013 12:15 AM
    Ok; I'm assuming the use of the onBoard piece can help and serve as a work-around. But that's $$$ to license.


  • 6.  RE: Wired Captive Portal

    Posted May 25, 2013 01:10 PM

    don't see how onboard is going to help, you need something to redirect you, for example an aruba controller like cjospeh suggests or work with the device builtin webauth system.



  • 7.  RE: Wired Captive Portal

    Posted May 25, 2013 07:01 PM
    Hoping on-guard will configure 802.1x on device and once it reauthenticates. Device will have access. I've got the redirect working. Unless aruba guest can do cisco COA.


  • 8.  RE: Wired Captive Portal

    EMPLOYEE
    Posted May 25, 2013 09:28 PM
    @sdr53 wrote:
    Hoping on-guard will configure 802.1x on device and once it reauthenticates. Device will have access. I've got the redirect working. Unless aruba guest can do cisco COA.

    Okay.  You can put a link to Quickconnect on your redirect page and that will configure the wired and/or wireless portion for your clients.  The difference between Onboarding and Quickconnect is that Onboarding distributes unique credentials in addition to configuring endpoint supplicants.  If you simply want users to have their endpoints configured and put in their username and password for authentication, quickconnect can do that on your redirect page by automatically detecting the OS and providing a link to configure it http://www.arubanetworks.com/pdf/products/DS_ClearPass_QuickConnect.pdf

     

    Distributing unique credentials with PEAP or TLS = Onboard

    Configuring Endpoints to use their OWN credentials = Quickconnect



  • 9.  RE: Wired Captive Portal

    Posted May 26, 2013 10:53 PM
    If we can't terminate on a controller could we terminate on an aruba switch instead? We don't have an aruba controller at every location.