got it working with tagged vlan. Thx for the info
Original Message:
Sent: Nov 24, 2023 10:39 AM
From: chulcher
Subject: AOS 8.10 bridge modes captive portal
Haven't seen that mentioned, shouldn't matter. Clients are never expected to be pulling an IP address from the same VLAN as the AP is managed from.
------------------------------
Carson Hulcher, ACEX#110
Original Message:
Sent: Nov 23, 2023 02:55 AM
From: PE89
Subject: AOS 8.10 bridge modes captive portal
Thanks for the info, do you know if it should work with tagged vlan, or only the native vlan?
Original Message:
Sent: Nov 22, 2023 12:04 PM
From: chulcher
Subject: AOS 8.10 bridge modes captive portal
For a bridge mode connection the AP has to do the redirect. Make sure the user role applied to the session for login purposes has the "captiveportalbridge" access-list applied rather than the usual "captiveportal".
Documentation is lacking because this feature was added for a particular requirement. AOS 8 bridge mode overall is not a recommended deployment.
------------------------------
Carson Hulcher, ACEX#110
Original Message:
Sent: Nov 22, 2023 11:49 AM
From: PE89
Subject: AOS 8.10 bridge modes captive portal
MTU is 1518, but I dont think this is relevant as we can browse to the Captive portal on DNS manually and it works fine. It's just the redirection that isnt working. What device should do the redirection? Is it the AP or the controller? The documention is very lacking on this front.
Original Message:
Sent: Nov 22, 2023 11:15 AM
From: chulcher
Subject: AOS 8.10 bridge modes captive portal
What is the MTU and underlying transport for the connection between the remote site and controller?
------------------------------
Carson Hulcher, ACEX#110
Original Message:
Sent: Nov 22, 2023 11:08 AM
From: PE89
Subject: AOS 8.10 bridge modes captive portal
It's not an WAN, it is still an MPLS site, but the MPLS is too low to also handle the guest traffic, but there is a seperate internet link that we would use to handle guest http traffic.
Original Message:
Sent: Nov 22, 2023 11:00 AM
From: chulcher
Subject: AOS 8.10 bridge modes captive portal
Operating an AP as a Campus AP over a WAN is not a supported deployment. AOS 8 expects a controller on the same LAN as the AP.
------------------------------
Carson Hulcher, ACEX#110
Original Message:
Sent: Nov 22, 2023 10:55 AM
From: PE89
Subject: AOS 8.10 bridge modes captive portal
The customer only has 1 remote site, and thus would imply 2 configurations to be handled differently. For ease of mgmt, we would opt to only forsee the config being handled by the MC. Also the corporate traffic needs to be tunneled and we would need to modify it to handle that to iap-vpn, and thus make it more complex for the customer.
Original Message:
Sent: Nov 22, 2023 09:36 AM
From: chulcher
Subject: AOS 8.10 bridge modes captive portal
Why are you wanting to use bridge mode and captive portal? Why wouldn't you run the APs in Instant mode where bridging is a native function rather than a secondary consideration?
------------------------------
Carson Hulcher, ACEX#110
Original Message:
Sent: Nov 22, 2023 04:40 AM
From: PE89
Subject: AOS 8.10 bridge modes captive portal
Hello,
According to 8.7 features Captive Portal Enhancements (arubanetworks.com) an external CP should now be possible with bridged mode campus AP's. However this is not working for my setup (bridged to a tagged vlan), no CP redirect happening (DNS lookup works). Not much info besides 2 config changes (full path and the AAA profile change). I'm assuming this will only work on the native bridged VLAN? I can't really test the native VLAN to validate as this has no external access (DNS).
Can someone give me the limitations on this?
Thanks!