Wireless Access

Reply
Occasional Contributor II
Posts: 22
Registered: ‎12-23-2013

Captive Portal Passwords

Hello,

 

I have a screnario at a school which the students are given access to the WiFi network using Captiv portal, please find the below details:

 

- Controller 3400

- Most APs are 105 and 93

- Captive portal users are created manually by the IT team

 

It is required that students have the ability to reset their passwords through web without getting back to IT department again, also each student is allowed to login using one device only and should logout before log in using another device.

 

Is the above mentioned requirements achievable, if so how is it configured on the controller.

 

 

MVP
Posts: 4,309
Registered: ‎07-20-2011

Re: Captive Portal Passwords

Not possible to reset the password using the controller captive portal
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Aruba
Posts: 1,377
Registered: ‎12-12-2011

Re: Captive Portal Passwords

You should really consider Clearpass guest for these requirements.  Not only can students self-register but they can also have complete control with a self-service portal for resetting passwords, etc...

 

In addition, you can write policy to limit the amount of devices per account as well as cache the MAC address so that for the duration of the account's validity, the student wouldn't have to re-login to the captive portal.  

 

Finally, in 6.4, Clearpass can even notify the student when the account will expire.

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
Occasional Contributor II
Posts: 22
Registered: ‎12-23-2013

Re: Captive Portal Passwords

I guesse clearpass is the only solution, i was hoping there would be a work around...

 

Is there any guide on how to configure a poilicy to limit the number of devices per account ?

Also how would the user log out in order to use another device ? or just simply disconnecting from the SSID would be considered as logout



Aruba
Posts: 1,377
Registered: ‎12-12-2011

Re: Captive Portal Passwords

In Clearpass, when you walk through the service templates ("start here" under configuration), there is a section which asks how many devices per guest.

 

Screenshot 2014-08-19 09.33.47.png

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
Occasional Contributor II
Posts: 22
Registered: ‎12-23-2013

Re: Captive Portal Passwords

Oh.. seems i miss understood you, so limiting the number of devices per user also needs clearpass as well

 

There is no way it can be done using the controller firewall ?

Guru Elite
Posts: 8,792
Registered: ‎09-08-2010

Re: Captive Portal Passwords

No, you need a RADIUS server that can utilize RADIUS accounting.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Guru Elite
Posts: 8,792
Registered: ‎09-08-2010

Re: Captive Portal Passwords

Another option if you're using AOS 6.4.x+, and you want to limit the account to one device, you can use the "Allow only one active user session" in the captive portal profile.

 

"If you do not want multiple guest users to share the same guest account concurrently, navigate to the Captive Portal Authentication and select the “Allow only one active user session” option. If a guest user authenticates successfully but the controller detects there is already a guest session with the same guest username, the second login is rejected."

 captive-one-active-user-session.png


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: