Wireless Access

Hi guys,

I have a controller with a Employee WLAN which works properly. I am trying to bring up a Guest WLAN but I can't. I think the configuration is OK, but when I try to connect to it, the captive portal page doesn't appear and I can't connect. I have attached some screenshots of the configuration for this Guest WLAN. The associated VLAN is VLAN4, which is allowed on the switch trunk which connects to GE 0/0/0 along with VLAN1 (for Employee WLAN). The CAP is connected to an access port with native VLAN1 of the same switch of the controller.

Do you see anything wrong? Whan can happen? If you need some screenshot of the configuration just ask for it.

Please help!

Regards,

Julián

Hi Julian,

1. Are you using internal captive portal or page is hosted on CPPM ?

if it is hosted on CPPM, then you need to allow http/https access to CPPM server in the pre-auth role prior to captiveportal acl.

2. Are the clients getting an IP address ?

3. Is vlan 4 a routable vlan ?

3. Do you have a working DNS server ?

You can try typing a dummy IP in the web-browser to see if the page loads up. If it does, then you might be having an issue with the DNS server.

Please refer to the following :

https://community.arubanetworks.com/aruba/attachments/aruba/aaa-nac-guest-access-byod/27453/1/AOS_GuestAcccess-AppNote.pdf

Hi Nitesh,

I am using internal captive portal. The clients are not getting IP address since they can't connect to the guest network, should they do before connecting to it? And I tried of typing a dummy IP in the web browser but the page doesn't load up.

Then if you think the controller configuration is fine I believe is a connectivity problem. I will keep checking.

Regards,

Julián

Hi Julian,

Captive portal authentication is layer 3 auth. Clients needs to get an IP address before they get redirected to CP page.

In this case, this looks like a network/DHCP issue as clients are not getting IP address.

Hi Nitesh,

I don't know what I was doing incorrectly but I have started from scratch, and following your recommendations and the document you attached I have been able to set the guest WLAN up. Thank you very much.

Regards,

Julián

Hi Guys  

I would ike to create a guest portal, but I am facing some problems 

even if I use the wizard.. 

The portal do not appear, I have done the wizard several times but I am still facing these problem.;

We are using a Firewall to be the DHCP. 

I am using the version 8.1.0.1 

Troubleshooting Steps: 
1) upgrade the controller 
2) change the type of Forwarding mode ( I am using tunnel) 
3) Use the vlan default ( in my scenario I have to use the vlan 120);

Hi Renata,

Please refer to the following :

https://community.arubanetworks.com/aruba/attachments/aruba/aaa-nac-guest-access-byod/27453/1/AOS_GuestAcccess-AppNote.pdf

The navigation on 8.x is little different but the concept for CP remains the same.

1. Recommended to have L3 interface for the guest vlan.

2. Pre-auth role assigned to client should have captive portal profile & captiveportal ACLs mapped to it . Moreover, dhcp/dns should be allowed.

3. Client needs to get an IP address prior to getting the page  & working DNS should be provided to the client.

Hi,

About the DNS if I create a anouher SSID I can use the internet normally,
The DHCP I am using a firewall to do this function.
I tried to see the rules that are associet to profile and I got a stranger result, I have never seen a rule in a "warnig state.." you can see the imagem Attached
Have you ever see this situation ?