03-28-2013 03:41 PM
I have a requirement of doing multifactor authentication when connecting to our Wireless LAN. Basically, the First login will be Pre-Shared-Key. Once authenticated, the user will be forced to an internal Captive Portal that will authenticate the user to Active Directory. I can login using the PSK and use AD Captive Portal. When I get another user to login in. The PSK works but no more Captive Portal. Any Suggestions would be appreciated.
03-28-2013 05:48 PM
Is this 2nd user on a different device or the same device? If the same device, there may be a cached entry in the user table for the device still (post AD/Captive Portal). It is not user specific, but device.
Systems Engineer, Northeast USA
ACCX | ACDX | ACMX
03-28-2013 11:24 PM - edited 03-28-2013 11:30 PM
Answering your quetsion do you have clear the box of Allow only one active user session? on the captive portal authentication profile?
Just as recommendation, just putting EAP TLS is more secure than doing those things. It is not possible to put this kind of authentication?
Maybe using quickconnect to onboard them all as they are all using IOS devices.. i mean that way you wont have to buy all the clearpass if you don thave money for it.
Product Manager - Aruba Networks