Security

last person joined: 6 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

radius server with controller captive portal

This thread has been viewed 1 times

  • 1.  radius server with controller captive portal

    Posted Nov 12, 2013 05:20 AM

    Hi,

     

       We are trying to authenticate users having aruba controller captive portal and all the user will authenticate by external Radius server

    i tryed to add/select the Radius server while creating the Guest SSID but the users are not authenticated by the radius server.

     

    can any one guige me in this... Radius is working fine i diagnose it from the controller.

     

    i want captive portal with External Radius server.

     

    thanks



  • 2.  RE: radius server with controller captive portal

    Posted Nov 12, 2013 05:27 AM
    Assalam o Alaikum Bilal,

    You mean to say captive portal page is showing but users authentications getting failed right?


  • 3.  RE: radius server with controller captive portal

    Posted Nov 12, 2013 05:32 AM

    W/Salam,

     

         Yes captive portal is there but i want external radius server user to authenticate with it ..... :)



  • 4.  RE: radius server with controller captive portal

    Posted Nov 12, 2013 05:35 AM

    Have you added external Radius server into server group and that server group is properly assigned to the correct AAA profile?



  • 5.  RE: radius server with controller captive portal

    Posted Nov 12, 2013 05:39 AM

     

     

    Yes i have added it to server Group and also add it to AAA profile.... in Guest SSID



  • 6.  RE: radius server with controller captive portal

    Posted Nov 12, 2013 05:52 AM
    Things that I would check for this case
    client is able to associate and get an IP address
    the correct roles are being assigned
    are you able to get past captive-portal
    Can you ping the radius server from controller
    do you test the authentication by providing username/password in controller?


  • 7.  RE: radius server with controller captive portal

    Posted Nov 12, 2013 06:07 AM

    Yes i ckeck all these thing i can ping the radius server and clients are having captive portal as well but when i type the user and password that are present in my radius server it gives Authentication Error and if i check this user from Controller diagnostic its authenticated successfuly.

     

    thanks

    Bilal



  • 8.  RE: radius server with controller captive portal
    Best Answer

    EMPLOYEE
    Posted Nov 12, 2013 07:11 AM

    Muhammad Bilal,

     

    The server group that authenticates the Captive Portal is an exception that is located in the Captive Portal Authentication Profile, not the AAA profile.  You can find it by going to Configuration> Security> Authentication> L3 Authentication> Captive Portal Authentication.  You should be able to find your Captive Portal Authentication Profile there.  Add your server group that contains your radius server under that specific profile to force your users to authenticate to that server.

     

    Also on your Radius server, make sure that PAP is enabled, because that is what Captive Portal users use to authenticate.