We have 3 IAP 207, with 2 SSID, one SSID for corporate using MAC access and the other one SSID for guest, using user/pass in captive portal embebed.
The problem is when some client connect to guest SSID the captive portal doesn't open.
Name:Aruba Operating System SoftwareType:207Build Time:2019-02-14 07:15:35 UTC (build 69128) by p4buildVersion:22.214.171.124
http://www.arubanetworks.comIt was running fine until now.
Thanks in advance,
There could be a few reasons as to why the Captive Portal is not displayed. Firstly, is this the internal Captive Portal on the IAP or an External Captive Portal such as CPPM.
Does your Captive Portal have a publicly assigned certificate installed? Different clients will have different behaviour when a invalid cert is installed which could result in the Captive Portal not being displayed.
Are the Clients assigned a valid and working DNS server (e.g can you do a nslookup from the Guest VLAN)?. The VC will intercept the clients DNS reply and re-direct to the Captive Portal. If there is no working DNS server, there will be no DNS reply and no Capitve Portal displayed.
The problem is the certificate embebed in the IAP controller.
It's not valid to the browsers and cut the connection.
How Can I use a valid certificated from Aruba ?
You will need to upload your own valid certificate to the VC.
The link below aren't exist
Have you got another one ?
Which Type of certificated I have to generate and update ?
You will need to create a publically signed certificate (of your choice) for the Captive Portal? Did you take a look at the below, as this provides all of the information.
And for the cert :
I'm not sure I need to create a publically signed certificate.
I would like to implement the easier solution in order to have the captive portal working properly again.
I only need to use the internal captive portal to validate users in the guest SSID. What is your recommendations to implement the easier way ?
Thanks in advanced.
Hey, you will need a valid certificate on the Captive Portal regardless. If you have no control of the devices which will be using the Captive Portal, then you will need a publically signed certificate. Reason being is the Certificate Store on the untrusted device should contain the Root CA of the certificate which you are using.
If you do have control over the devices (e.g company owned devices) then you will have control over the trust store on the device.
There is the HTTP options but any credentials will be sent in clear text.
Apologies, HTTP is only supported when using an External Captive Portal. If you wish to use the internal portal, then a certificate will be required.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.