My first post having been reading the useful airheads community articles recently.
I have recently been testing 2x 7240XM in a cluster connecting to a MM-VA (running 220.127.116.11). These are being tested with a view to replacing the current 2x 7204 running 18.104.22.168. I have much of the setup working as expected but have a few questions:
- Can a guest WLAN have a password setup to connect to the SSID and then the authentication page requesting username and password credentials? (The current controllers in place allow this but I have not managed to find how to do this on 22.214.171.124).
- Can the guest provisioning portal be restricted to only be accessed by certain individuals? (Currently, as a RADIUS server is configured for employees to log in to the Employee SSID this means the guest provisioning portal is also allowing all employees to authenticate and log in and create users - I want to restrict this to say the IT department only.
- When connecting to the Guest SSID, the redirect takes the user to a http://www.msftconnecttest.com/redirect?cmd=redirect&arubalp=12345 when connecting from a Windows machine only, suggesting a certificate error however this does not occur on iPhones, iPads etc. As iPhone, iPad users connect immediately I believe a certificate is not required however am happy to learn about this.
Any help on the above is most appreciated.
Have you tried using WPA2 personal with the PSK to connect, and then assigning a captive portal role upon joining. The captive portal role can then be used to redirect the user to a web login, and depending on the user type, allow access via roles returned.
For guest operators, are you using ClearPass? Or is all of this being done via internal captive portal?
Aruba performs a man-in-the-middle approach to redirecting clients to a captive portal page. You may get this type of certificate error due.
Thanks for the reply.
We are not currently using clearpass although there are plans for it in the future so it's all being done by the internal portal for now.
There doesn't seem to be the option to use WPA2 personal with PSK when configuring a Guest WLAN, see below:
Am I missing something?
With regards to the certificate error, i think your reply got cut mid-sentence, "You may get this type of certificate error due.." Could you kindly resend this?
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.