Hi everyone. I need to install like 100 APs distributed in diferents parks (real big distances). I'll like to make a center node, with 2 HA Controllers and 2 HA ClearPass.
The tricky part is that I need that all clients that want to connect to the SSID can't navigate till they login in to a Captive Portal hosted and managed by the ClearPass.
I think that I need a initial role that block every trafic, except DHCP, DNS, and access to the Controller and the ClearPass (tunneled), and a second rol (authenticated) that permit navigate freely through the park ISP (not tunneled).
Is this posible? Can the RAPs block and permit traffic with roles defined in the controller?
Thanks everyone.
Nicolás Cáceres.