Security

Reply
New Contributor
Posts: 4
Registered: ‎06-01-2016

how to change user VLAN in Captive Portal Authentication ?

hi

I want to change the clients Vlan after he/she authenticate successfully via captive portal

1- I have the following setup 

2- Controller + RADIUS  server

3 -SSID with Captive portal authentication 

refering to this link http://community.arubanetworks.com/t5/Wireless-Access/Radius-COA/td-p/116267

I see it is possible to give a user a dhcp lease for a short time 15 to 30 seconds , but switching user to other vlan after authentication is not working 

I tried :

1- setting the Vlan in the User-Role 

2- setting the Vlan from Radius attributes 

3- changing the server derivation rules  in the server group and see the following error "Error: Server Group "radius-group" assigned to cp/vpn cannot have vlan derivation rules"

 

 

is there anyway to change the Vlan on captive portal authentication without CPPM ?

Guru Elite
Posts: 7,841
Registered: ‎09-08-2010

Re: how to change user VLAN in Captive Portal Authentication ?

It is not recommended to change the VLAN after a captive portal authentication. Many clients will not re-DHCP. Consider changing the role instead of the VLAN. 

Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
New Contributor
Posts: 4
Registered: ‎06-01-2016

Re: how to change user VLAN in Captive Portal Authentication ?

but the DHCP lease is very short 15 seconds , after user authentication

1- the user moved to the new vlan with a new DHCP server in it 

2- the user will wait maximum of 15 seconds and then will get a new IP address 

 

i need this information

Aruba Employee
Posts: 367
Registered: ‎11-04-2011

Re: how to change user VLAN in Captive Portal Authentication ?

Not all clients will honor the short DHCP lease time.

 

I'd like to repeat Tim's advice not to switch VLAN's for captive portals unless there is no other option available. As a last resort, VLAN switching may work but will probably bring you lots of issues.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC.
New Contributor
Posts: 4
Registered: ‎06-01-2016

Re: how to change user VLAN in Captive Portal Authentication ?

yes thank you for your advice , i know it is not recommended , but i need to do this config for testing purposes 

Search Airheads
Showing results for 
Search instead for 
Did you mean: