I am trying to setup an AP-93H with split tunnel on the ports so that the traffic is not tunneling back to the controller, and just going from the controller locally.
I followed a guide I received from TAC, and when the user connects, they are put in the NAT vlan with the correct role, however they never get the captive portal to login. I have entered the IP address of the wireless controller and even that will not show a login page, I just get a timeout.
Thanks for any assistance you can provide.
Are you doing split tunnel captive portal? Can you at least ping the controller's ip address?
Yes, I can do DNS lookups and ping but it will not display the portal.
I have a vlan setup on the controller (21) that is setup as a source NAT. There is an ip on the controller for that vlan as well.
Does the user get into a role with the Captive Portal ACL?
Yes, they are put into the correct login role with the acls applied for redirection.
You should then type "show datapath session table <ip address of client>" on the commandline of the controller to see what traffic is being passed during the redirect, or if traffic is being denied.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.