Wireless Access

Occasional Contributor I

RAP + Controller + ClearPass - Captive Portal

Hi everyone. I need to install like 100 APs distributed in diferents parks (real big distances). I'll like to make a center node, with 2 HA Controllers and 2 HA ClearPass.

The tricky part is that I need that all clients that want to connect to the SSID can't navigate till they login in to a Captive Portal hosted and managed by the ClearPass.

I think that I need a initial role that block every trafic, except DHCP, DNS, and access to the Controller and the ClearPass (tunneled), and a second rol (authenticated) that permit navigate freely through the park ISP (not tunneled).


Is this posible? Can the RAPs block and permit traffic with roles defined in the controller?


Thanks everyone.


Nicolás Cáceres.

Re: RAP + Controller + ClearPass - Captive Portal

This is totally possible.

The initial role will be a guest-logon role with the elements you mentioned with the additional captive portal redirect rules.

The application of the role will happen at the controllers.

ACCX #540 | ACMX #353 | ACDX #216 | AMFX #11

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Occasional Contributor I

Re: RAP + Controller + ClearPass - Captive Portal

Awesome! I'm waiting for a new AP to test it ASAP.



Search Airheads
Showing results for 
Search instead for 
Did you mean: