11-22-2016 03:35 PM
Does anyone know what the purpose of the following lines in the captiveportal session ACL are?
ip access-list session captiveportal
user alias controller svc-https dst-nat 8081
user alias controller svc-http dst-nat 8080
user any svc-http dst-nat 8080
user any svc-https dst-nat 8081
We are seeing these ports showing up from our guest network in the controller datapath. It looks like it will dst-nat all web traffic to the controller?
Solved! Go to Solution.
11-22-2016 03:52 PM
11-22-2016 04:19 PM - edited 11-22-2016 04:23 PM
If you are not using the Captive Portal whitelist feature for your CPPM servers, don't forget to add an ACL to allow http or https access to your ClearPass servers that will fall above the captiveportal policy within your role.
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX