Wireless Access

Reply
Frequent Contributor I
Posts: 82
Registered: ‎05-28-2010

Roaming guest authentication without captive portal

I have a client that would like to roam from location to location and not have to reauthenticate with the captive portal. Unfotunately, not all my locations terminate to the same WLAN controller and therefore even though they are within the User Idle Timeout period, when they connect to the guest SSID, it presents them with the captive portal page. I'm hoping there might be a way where there iOS device remembers their credentials and seemlessly in the background pass those credentials through without having the captive portal page come up. I guess what the real question is, can there be other method of a guest client authenticating with Internal DB user credentials without it being via the captive portal.

 

Regards,

Tony Marques

Guru Elite
Posts: 8,325
Registered: ‎09-08-2010

Re: Roaming guest authentication without captive portal

Do you have ClearPass? It has a feature called MAC caching that will bypass
the captive portal for previously authenticated clients for a specified
amount of time.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 82
Registered: ‎05-28-2010

Re: Roaming guest authentication without captive portal

Unfortunately, we do not. We haven't yet invested in a NAC or anything similar to that.

Guru Elite
Posts: 8,325
Registered: ‎09-08-2010

Re: Roaming guest authentication without captive portal

Unfortunately, without using 802.1x or a guest management system such as ClearPass, there is no way for the device to cache captive portal credentials across controllers.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 82
Registered: ‎05-28-2010

Re: Roaming guest authentication without captive portal

Can the controller be configured to accept local user login credentials without a captive portal? If I can get a guest be prompted to loging with a captive portal I would play around with that and see if I can get to the ultimate goal.

 

Regards,

Tony Marques

Frequent Contributor I
Posts: 82
Registered: ‎05-28-2010

Re: Roaming guest authentication without captive portal

Sorry I meant to say, if I can get a guest to be prompted to login with a captive portal spalsh page I can do some testing with that.

Frequent Contributor I
Posts: 82
Registered: ‎05-28-2010

Re: Roaming guest authentication without captive portal

Sorry did it again. WITHOUT a captive portal. :smileyfrustrated::smileyfrustrated:

Frequent Contributor I
Posts: 82
Registered: ‎05-28-2010

Re: Roaming guest authentication without captive portal

I found documentation on how to terminate 802.1x authentication on the controller and that is worknig for me. Thanks for the assistnace.

Guru Elite
Posts: 20,789
Registered: ‎03-29-2007

Re: Roaming guest authentication without captive portal

The only way would be using 802.1x, or a WPA2-PSK network.  Your challenge with those is that you have to give guest users instructions.  For most, it is a reasonable expectation if they encounter a new site that they be required to login to the Captive Portal..



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: