12-21-2015 10:48 PM
Was wondering if it will be possible to redirect a client to a different SSID on a normal Aruba Controller setup without using a Clearpass?
I want to look at achieving something similar to when a controller blacklists a client upon Auth failure, but instead of blacklisting them, I want them redirected to my Guest SSID.
Is this possible without a clearpass or similar UAC?
Solved! Go to Solution.
12-21-2015 11:16 PM - edited 12-21-2015 11:20 PM
No, you can't trigger their devices to connect to a different SSID (even if you did have Clearpass) in this scenario. A reject from the Radius here will prevent the device from associating with the .1x SSIDso you can't place it in a captive portal role either.
That said - it is possible that the device itself might choose to connect to another SSID if it fails to connect to preferred one. That in turn require that the device has already been connected to the SSID before and wants to do it again "when all else fails"... Not something I would do tho - as a common routine for your users seems to be a better solution..
-ACMX #316 :: ACCP-
Intelecom - Norway
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
12-22-2015 12:54 AM - edited 12-22-2015 12:56 AM
Hmm - ok - So no SSID redirect..
Would it then be feasible or possible to drop a user who failed Authentication into a different Vlan on the same SSID? But then the assosciation reject from Radius wil still be an issue then I guess.
So in short - if Auth Fails you can't move the client to different role, vlan or anything of the likes?
12-22-2015 04:38 AM