Wireless Access

Reply
Occasional Contributor II

captive portal in split tunnel ssid

Hi
We are using controller 3600 and rap2wg in the remote site...we have configured split tunnel for the ssid so that guest users can have captive portal authentication.

With regards to the above setup please clarify the below queries

1. Do we need to create a vlan and dhcp on the controller for the users to fall into?
2. If we have to create a dhcp for the vlan what should be the gateway? If we assign the private IP address from the dhcp will the user be able to reach the internet via DSL ?
Guru Elite

Re: captive portal in split tunnel ssid


nallan wrote:
Hi
We are using controller 3600 and rap2wg in the remote site...we have configured split tunnel for the ssid so that guest users can have captive portal authentication.

With regards to the above setup please clarify the below queries

1. Do we need to create a vlan and dhcp on the controller for the users to fall into?
2. If we have to create a dhcp for the vlan what should be the gateway? If we assign the private IP address from the dhcp will the user be able to reach the internet via DSL ?

1.  Yes.  This is necessary so that guest clients can bring up the guest page on the controller to authenticate initially.

2.  Yes, and that DHCP is supplied by the access point itself.  In the AP system profile there is a dhcp server that the access point will serve up.  The AP will then source-nat all traffic that is destined to the internet using the Guest ACL that is applied after authentication

 

For details on how to set it up please see here:  https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-825

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: