Hi all,
can anyone provide me with a working example for a downloadable user role for a mobility controller please ? Specifically the captive portal config in the DUR? Even when I create the DUR in standard mode, the controller is rejecting the command syntax see below. The DUR is working fine without the CP config. Clearpass 6.10.5 Controller 8.7.1.4
aaa authentication captive-portal PostureCheck server-group ProQR-CPPM default-role logon default-guest-role logon no user-logon guest-logon no logout-popup-window login-page https://captive-portal.proqr.com/guest/proqr-posture.php no enable-welcome-page!Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm.c, auth_cppm_transform_writebuf:1938: Dldb Role ProQR_DURW_Test-3039-2: Rejected line 'aaa authentication captive-portal PostureCheck', contains unsupported keyword
Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm.c, auth_cppm_transform_writebuf:1938: Dldb Role ProQR_DURW_Test-3039-2: Rejected line '^Iserver-group ProQR-CPPM', contains unsupported keyword
Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm.c, auth_cppm_transform_writebuf:1938: Dldb Role ProQR_DURW_Test-3039-2: Rejected line '^Idefault-role logon', contains unsupported keyword
Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm.c, auth_cppm_transform_writebuf:1938: Dldb Role ProQR_DURW_Test-3039-2: Rejected line '^Idefault-guest-role logon', contains unsupported keyword
Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm.c, auth_cppm_transform_writebuf:1938: Dldb Role ProQR_DURW_Test-3039-2: Rejected line '^Ino user-logon', contains unsupported keyword
Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm.c, auth_cppm_transform_writebuf:1938: Dldb Role ProQR_DURW_Test-3039-2: Rejected line '^Iguest-logon ^Ino logout-popup-window ^Ilogin-page
https://captive-portal.proqr.com/guest/proqr-posture.php ^Ino enable-welcome-page ! ip access-list session ProQR-Computer-Quar ^Iany any svcProQR_DHCP permit
Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm.c, auth_cppm_transform_writebuf:1938: Dldb Role ProQR_DURW_Test-3039-2: Rejected line '^Ino logout-popup-window', contains unsupported keyword
Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm.c, auth_cppm_transform_writebuf:1938: Dldb Role ProQR_DURW_Test-3039-2: Rejected line '^Ilogin-page
https://captive-portal.proqr.com/guest/proqr-posture.php', contains unsupported keyword
Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm.c, auth_cppm_transform_writebuf:1938: Dldb Role ProQR_DURW_Test-3039-2: Rejected line '^Ino enable-welcome-page', contains unsupported keyword
Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm.c, auth_cppm_transform_writebuf:1966: Dldb Role ProQR_DURW_Test-3039-2: processing stopped due to whitelist violation
Jun 16 12:19:15 :199802: <3612> <ERRS> |authmgr| auth_cppm_fsm.c, ac_afsm_exec_transform:433: Dldb Role ProQR_DURW_Test-3039-2: Transform failed
Jun 16 12:19:15 :124830: <3612> <ERRS> |authmgr| Dldb Role ProQR_DURW_Test-3039-2: Users dequeued, role in incomplete state
------------------------------
Erik Eckhardt
ACMX #1245, ACDX #968, ACCP, ACSP,ACNSP
------------------------------