Does anyone know what the purpose of the following lines in the captiveportal session ACL are?
ip access-list session captiveportaluser alias controller svc-https dst-nat 8081user alias controller svc-http dst-nat 8080user any svc-http dst-nat 8080user any svc-https dst-nat 8081
We are seeing these ports showing up from our guest network in the controller datapath. It looks like it will dst-nat all web traffic to the controller?
Are they required for ClearPass Guest captive portal?
If you are not using the Captive Portal whitelist feature for your CPPM servers, don't forget to add an ACL to allow http or https access to your ClearPass servers that will fall above the captiveportal policy within your role.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.