01-07-2016 05:23 AM
Hi, I have setup a Guest SSID to bypass the captive portal to list of mac addresses. I am following this tutorial http://ccie25938.blogspot.nl/2011/12/aruba-control
I have added the few devices mac address to the Internal DB by typing the mac address on the username & password field with the role as authenticated.
The devices that matches the mac address now bypass the captive portal authentication which is working, however, if somebody knows the mac address from the bypass list, then they can type it on the username and password box to authenticate their device. Is this normal behaviour ?
Any help would be much appreciated, thank you.
Solved! Go to Solution.
01-07-2016 05:45 AM
Yes, because you are using the same database for both types of authentication. You would need an external policy server like clearpass to deal with that issue, so that it can use a different database for user and mac authentication.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs