I've done another method previously where neither of the following options above were applicable and with the CPPM's being L3 separated so a VIP could not be used. I created 2x Captive Portal Profiles on the IAP which resolved to the URL of each Captive Portal Page on either CPPM-A or CPPM-B. In my case, we used a DNS record to form the URLs for each Captive Portal.I then proceeded to create 2x Pre Auth User Roles on the IAP which referenced either CPPM-A or CPPM-B and returned the respective Captive Portal URL for either CPPM-A or CPPM-B depending on which CPPM was hit first.
Within my CPPM policy, I configured the 2x services to return either Pre Auth User Role 'A' (which contain the Captive Portal of CPPM-A) or Pre Auth User Role 'B' (which contain the Captive Portal of CPPM-B) depending on the destination IP address of the RADIUS Packet. This would mean that in my AAA Server configuration, if CPPM-A was online it would respond and return the Aruba User Role 'A' which contained the Captive Portal of CPPM-A as it had matched the destination IP of CPPM-A.
If CPPM-A was offline, the IAP would then fall through to try CPPM-B. This would match the Service for CPPM-B (as the service looks for destination IP of CPPM-B) and return the Aruba User Role 'B which contained the Captive Portal of CPPM-B as it had matched the destination IP of CPPM-B.For example:
CPPM-A = 192.168.1.1CPPM-B = 192.168.2.1
user-role 'pre-auth-cppm-a'-> captive portal 'https://guest-a.acme.com/guest/register.php? (URL resolves to cppm-a for example 192.168.1.1)user-role 'pre-auth-cppm-b'-> captive portal 'https://guest-b.acme.com/guest/register.php? (URL resolves to cppm-b for example 192.168.2.1)Auth Server Priority Order1) CPPM-A = 192.168.1.12) CPPM-B = 192.168.2.12x CPPM ServiceIf 'Connection' 'Dest-IP-Address' equals 192.168.1.1 return Aruba User Role ''pre-auth-cppm-a'orIf 'Connection' 'Dest-IP-Address' equals 192.168.2.1 return Aruba User Role ''pre-auth-cppm-b'Cheers,Craig
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.