Security

last person joined: 2 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass Guest Captive Portal with Aruba Central

  • 1.  ClearPass Guest Captive Portal with Aruba Central

    Posted Oct 20, 2020 07:26 PM

    I am working on setting up a new deployment of Aruba IAP managed by Central.  We are setting up a guest wireless network and using ClearPass for the captive portal.  

     

    I have configured the WLAN in Central with CPPM as the external captive portal.  When the client initially connects to the SSID, the client lands in a role called 'External CP' in order to get redirected to the captive portal.  I don't see that role defined under the list of roles.  After the client successfully registers through the captive portal and the MAC auth has expired, we tried sending the 'External CP' role in order to get the client back to the captive portal.  Instead of landing in the External CP role, the client lands in the default role that is associated with the WLAN.  

     

    When we configure this with controller managed APs, we use the built in role 'guest login' in order to get the client back to the captive portal process.  What do we need to send from CPPM to accomplish this with Central?



  • 2.  RE: ClearPass Guest Captive Portal with Aruba Central

    Posted Oct 22, 2020 12:17 AM

    What about just sending a radius reject? 



  • 3.  RE: ClearPass Guest Captive Portal with Aruba Central

    Posted 28 days ago

    You should define a role in AC that redirects users to the CP. Then, in CPPM once the MAC-CACHE expires you send back the role you just defined. 

    This is equivalent to using the canned role "guest-logon" on the controllers. . .



    ------------------------------
    ACCX #1239 || ACEP || ACSP || CWNA || CWSP
    ------------------------------