I am attempting to configure a guest wireless so that users must provide a PSK and once they have done so they are forced to Captive Portal.
I have seen discussions in which people have supposedly made this happen but the details on how they accomplished this task were scarce.
Any help would be greatly appreciated.
APs: Controller mode
Mobility Controller v: 126.96.36.199
Thanks for the reply! So is there something unique about the default-psk?
I have a wap2-psk-aes enabled in my ssid profile. When I provide that I am granted the initial role (which contains a captive portal configuration) but the captive portal never comes up. If I set the encryption setting to none/open, then captive portal comes up.
Check what role the user is in when it is connected to the PSK network and does not get to the captive portal. If it is the same role (with the captive-portal rules, and the captive portal profile assigned) as on the open network, and the user is in the same VLAN, it should work.
One thing I noticed is that Windows 10 got an update early this year that broke captive portal on PSK networks. Not sure what the status is today, but it may make sense to test with another device than Windows 10.
I figured it out. My error. I was using the incorrect ACLs that captures and NAT's the web traffic to the captive portal interface.
So, for others trying to do this, in the initial role of your aaa profile it needs to have the following ACLs. Obiously the net objects may be different but you need to capture the 80 and 443 traffic and NAT it to the controller.
1 any any svc-dns permit Low 4 2 any any svc-dhcp permit Low 4 3 user any udp 68 deny Low 4 4 any any svc-icmp permit Low 4 5 any any svc-natt permit Low 4 6 user any svc-http dst-nat 8080 Low 4 7 user any svc-https dst-nat 8081 Low 4 8 user any svc-http-proxy1 dst-nat 8088 Low 4 9 user any svc-http-proxy2 dst-nat 8088 Low 4 10 user any svc-http-proxy3 dst-nat 8088 Low 4
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.