I have an issue where I have a perfectly fine guest portal working with Cisco WLC's controller based redirection but now a Cisco Meraki pilot has been requested. I have built out the service polices and new child guest page with sever initiation Cisco RFC redirect. Where i get stuck is the final hand off between ClearPass after a successful webauh the CoA gets sent however the guest client is redirected to the web portal splash page again. I suspect timing or CoA as if we turn off the wifi and back on all MAC catching works as expected. all port authentication enpoint stamping works as well. see below final CoA output
Output RADIUS Attributes -Endpoint:domain = "hidden"Endpoint:Guest Role ID = 3Endpoint:MAC-Auth Expiry = 2020-11-17 17:00:00Endpoint:pwdlastset = 132417155193396008Endpoint:Username = "hidden"Radius:Cisco:Cisco-AVPair = subscriber:command=reauthenticateRadius:Cisco:Cisco-AVPair = subscriber:reauthenticate-type=lastRadius:IETF:Calling-Station-Id = 80-0C-67-E3-CA-6BStatus-Update:Endpoint = Known
Alerts -Error Code: 0Error Category: SuccessError Message: SuccessAlerts for this Request -WebAuthService: [Guest Device Repository]: Value for param Connection:Client-Mac-Address-Upper-Hyphen not found
thanks in advance
toot cause was adjusting the radios CoA time from 2 to 12 seconds within the server settings
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.