06-01-2016 02:50 AM
I want to change the clients Vlan after he/she authenticate successfully via captive portal
1- I have the following setup
2- Controller + RADIUS server
3 -SSID with Captive portal authentication
refering to this link http://community.arubanetworks.com/t5/Wireless-Acc
I see it is possible to give a user a dhcp lease for a short time 15 to 30 seconds , but switching user to other vlan after authentication is not working
I tried :
1- setting the Vlan in the User-Role
2- setting the Vlan from Radius attributes
3- changing the server derivation rules in the server group and see the following error "Error: Server Group "radius-group" assigned to cp/vpn cannot have vlan derivation rules"
is there anyway to change the Vlan on captive portal authentication without CPPM ?
06-01-2016 02:56 AM
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
06-01-2016 03:14 AM
but the DHCP lease is very short 15 seconds , after user authentication
1- the user moved to the new vlan with a new DHCP server in it
2- the user will wait maximum of 15 seconds and then will get a new IP address
i need this information
06-06-2016 01:17 AM
Not all clients will honor the short DHCP lease time.
I'd like to repeat Tim's advice not to switch VLAN's for captive portals unless there is no other option available. As a last resort, VLAN switching may work but will probably bring you lots of issues.
If you have urgent issues, please contact your Aruba partner or Aruba TAC.