Wireless Access

Reply
Contributor II
Posts: 58
Registered: ‎04-10-2012

Captive Portal Authentication White List vs Permit-Policy ACL

Good Morning,

We're in the process of consolidating our open-ssids (guest, initial-setup, and a new device-registration service) and I'm reviewing our captive-portal configuration settings. It appears in the past we utilized a separate permit-policy acl to allow access to the guest-login captive-portal page - but I see that there's a separate white-list/black-list option in captive portal. Is this more of personal-preference, performance affects, and are there advantages/disadvantages of doing a "Captive Portal Authentication White List" vs using a "permit policy" acl within the initial role?

 

It seems logical if you're configuring the redirect within the captive-portal profile that one would also white-list it a few lines down. :-)
Captive-Portal-Whitelist.PNG

Guru Elite
Posts: 8,743
Registered: ‎09-08-2010

Re: Captive Portal Authentication White List vs Permit-Policy ACL

While there’s no technical difference, the whitelist is preferred as it’s cleaner and much easier to manage.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II
Posts: 58
Registered: ‎04-10-2012

Re: Captive Portal Authentication White List vs Permit-Policy ACL


cappalli wrote:
While there’s no technical difference, the whitelist is preferred as it’s cleaner and much easier to manage.

Thanks Tim, that's what I was counting on and the white-list would be cleaner/manageable. Some of these configs were initially created about three years ago right before I arrived on the wireless team during a transition from Meru/Cisco NAC (what was used for Guest-Access) - so I'm working to better understand pre-existing settings during our upcoming migration.

Search Airheads
Showing results for 
Search instead for 
Did you mean: