03-02-2012 08:37 AM
I've setup a second Captive Portal page using the guest-logon as the initial role and the ****Guest us the user role after authentication. We see users get assigned the guest-logon initial role, but once they authenticate via Captive Portal they are placed on the guest role instead.
I've checked everything and cannot find why this is happening. Any suggestions?
03-02-2012 10:52 AM
Are the users authenticated using the internal database on the controller? If so, they will have "guest" as the role by default and a server provided role takes precendence over the default role.
If you want to use a role other than "guest", you will have to edit the internal account roles OR use an external authentication server (AFAIK).
03-02-2012 12:19 PM
Run the command 'show aaa server-group <server group name>' Do you see: 'set role condition role value-of'? The default server groups applies this Server Rule. Either remove this rule, or if this Sever Group is being referenced by other profiles create a new Server Group, and leave out that Server Rule
03-06-2012 08:32 AM
Sorry for the late reply. After doing some reading on your code release version, we found the issue. We are on code 126.96.36.199. Apparently on this code the default role assigned for guest users via Captive Portal is "guest". There is nowheere in the CLI or GUI where this shows, we just found it by reading.