This video should show you the steps that you can follow and verify.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Oct 11, 2021 04:21 AM
From: Thibault Gauchet
Subject: Clearpass Guest portal redirection
Hello,
I have a slight concern about the deployment of a Clearpass.
The architecture is as follows:
We have 2 sites connected by an MPLS VPN.
On each site we have a firewall for filtering Internet access and access to the MPLS.
Firewalls serve as a router for inter-site filtering.
We have ARUBA IAP 303 terminals on each site for Wifi coverage.
Each spot has its IAP Group in Airwave for simpler centralized management.
We have also set up a Clearpass for the 802.1X authentication part for the administrative wifi as well as a Wifi Guest using the Clearpass Guest portal.
The configuration works fine on the main site.
The Administrative SSID in 802.1X works very well on the main site and the remote site.
The SSID GUEST however works on the main site and works 90% on the remote site.
The GUEST portal works as follows:
1/ User connects to SSID
2/ The login form is displayed
3/ The user is redirected to the confirmation page
4/ It has internet access
We have set up MAC CACHING for 8 hours.
This operation works fine on the main site, but on the secondary spot we have a bug.
We get the form right, once we click on login. Clearpass tries to redirect us to the constructor URL (which does not exist) instead of displaying the login confirmation page and the user does not have internet access.
After verification the user is well registered because a logout/ Reconnection works the user will have access to the NET.
After some research, I understand that Clearpass needs the URL for its operation.
I think of a firewalls blockage but you would have an idea of the flow managing this because I can't find any doc on the subject.
Best regards,
Gauchet Thibault
------------------------------
Thibault Gauchet
------------------------------