HI guys.
This is my first post. I am a network techinician ACSP certified and i work for a system integrator in Italy.
I have a very specific question for you all.
Our customer has a Ruckus Wireless infrastructure based on several Access Points managed by a cluster of 2 Virtual Smart Zone controllers.
We set up a GUEST WiFi Network with self-registration handled by Aruba Clearpass.
The self-registration works well, but clients that roams or get disconnected from the WiFi network, are forced to re-login by the captive portal.
It seems that MAC caching is not working well. Even if we de-activate the privacy setting on the smartphones, forcing to use the physical MAC address of the device (default for Android is to use a random-generated MAC Address).
In fact, as you might know, Clearpass normally use 2 services for a GUEST Access:
- first: a Service that allows access to captive-portal logon users;
- second: a MAC authentication Service that shoul authenticate directly the endpoint MAC Address, bypassing the captive-portal login.
Taking a look at the registered user, i noticed that the Endpoint MAC address shown in the Guest User detail page IS NOT the device MAC Address, but the Ruckus Access Point MAC Address.