Security

I am working on setting up a new deployment of Aruba IAP managed by Central.  We are setting up a guest wireless network and using ClearPass for the captive portal.  

I have configured the WLAN in Central with CPPM as the external captive portal.  When the client initially connects to the SSID, the client lands in a role called 'External CP' in order to get redirected to the captive portal.  I don't see that role defined under the list of roles.  After the client successfully registers through the captive portal and the MAC auth has expired, we tried sending the 'External CP' role in order to get the client back to the captive portal.  Instead of landing in the External CP role, the client lands in the default role that is associated with the WLAN.  

When we configure this with controller managed APs, we use the built in role 'guest login' in order to get the client back to the captive portal process.  What do we need to send from CPPM to accomplish this with Central?

You should define a role in AC that redirects users to the CP. Then, in CPPM once the MAC-CACHE expires you send back the role you just defined. 

This is equivalent to using the canned role "guest-logon" on the controllers. . .

I am working on setting up a new deployment of Aruba IAP managed by Central.  We are setting up a guest wireless network and using ClearPass for the captive portal.  

I have configured the WLAN in Central with CPPM as the external captive portal.  When the client initially connects to the SSID, the client lands in a role called 'External CP' in order to get redirected to the captive portal.  I don't see that role defined under the list of roles.  After the client successfully registers through the captive portal and the MAC auth has expired, we tried sending the 'External CP' role in order to get the client back to the captive portal.  Instead of landing in the External CP role, the client lands in the default role that is associated with the WLAN.  

When we configure this with controller managed APs, we use the built in role 'guest login' in order to get the client back to the captive portal process.  What do we need to send from CPPM to accomplish this with Central?

Hi All

Same problem 

Clients are not redirected to Clearpass. what should be the rules int that role for user to get to the portal

Regards

You should define a role in AC that redirects users to the CP. Then, in CPPM once the MAC-CACHE expires you send back the role you just defined. 

This is equivalent to using the canned role "guest-logon" on the controllers. . .

I am working on setting up a new deployment of Aruba IAP managed by Central.  We are setting up a guest wireless network and using ClearPass for the captive portal.  

I have configured the WLAN in Central with CPPM as the external captive portal.  When the client initially connects to the SSID, the client lands in a role called 'External CP' in order to get redirected to the captive portal.  I don't see that role defined under the list of roles.  After the client successfully registers through the captive portal and the MAC auth has expired, we tried sending the 'External CP' role in order to get the client back to the captive portal.  Instead of landing in the External CP role, the client lands in the default role that is associated with the WLAN.  

When we configure this with controller managed APs, we use the built in role 'guest login' in order to get the client back to the captive portal process.  What do we need to send from CPPM to accomplish this with Central?

In Aruba Central you just need a role with the redirect to captive portal access rule type. 

You create it in the same place as your other ACLs. Under security tab. 

Hi All

Same problem 

Clients are not redirected to Clearpass. what should be the rules int that role for user to get to the portal

Regards

You should define a role in AC that redirects users to the CP. Then, in CPPM once the MAC-CACHE expires you send back the role you just defined. 

This is equivalent to using the canned role "guest-logon" on the controllers. . .

I am working on setting up a new deployment of Aruba IAP managed by Central.  We are setting up a guest wireless network and using ClearPass for the captive portal.  

I have configured the WLAN in Central with CPPM as the external captive portal.  When the client initially connects to the SSID, the client lands in a role called 'External CP' in order to get redirected to the captive portal.  I don't see that role defined under the list of roles.  After the client successfully registers through the captive portal and the MAC auth has expired, we tried sending the 'External CP' role in order to get the client back to the captive portal.  Instead of landing in the External CP role, the client lands in the default role that is associated with the WLAN.  

When we configure this with controller managed APs, we use the built in role 'guest login' in order to get the client back to the captive portal process.  What do we need to send from CPPM to accomplish this with Central?

Hi 

its working but after the login portal stays stopped on please waiting when you are logged.

After some seconds "error opening page"

In Aruba Central you just need a role with the redirect to captive portal access rule type. 

You create it in the same place as your other ACLs. Under security tab. 

Hi All

Same problem 

Clients are not redirected to Clearpass. what should be the rules int that role for user to get to the portal

Regards

You should define a role in AC that redirects users to the CP. Then, in CPPM once the MAC-CACHE expires you send back the role you just defined. 

This is equivalent to using the canned role "guest-logon" on the controllers. . .

I am working on setting up a new deployment of Aruba IAP managed by Central.  We are setting up a guest wireless network and using ClearPass for the captive portal.  

I have configured the WLAN in Central with CPPM as the external captive portal.  When the client initially connects to the SSID, the client lands in a role called 'External CP' in order to get redirected to the captive portal.  I don't see that role defined under the list of roles.  After the client successfully registers through the captive portal and the MAC auth has expired, we tried sending the 'External CP' role in order to get the client back to the captive portal.  Instead of landing in the External CP role, the client lands in the default role that is associated with the WLAN.  

When we configure this with controller managed APs, we use the built in role 'guest login' in order to get the client back to the captive portal process.  What do we need to send from CPPM to accomplish this with Central?

Hi 

its working but after the login portal stays stopped on please waiting when you are logged.

After some seconds "error opening page"

In Aruba Central you just need a role with the redirect to captive portal access rule type. 

You create it in the same place as your other ACLs. Under security tab. 

Hi All

Same problem 

Clients are not redirected to Clearpass. what should be the rules int that role for user to get to the portal

Regards

You should define a role in AC that redirects users to the CP. Then, in CPPM once the MAC-CACHE expires you send back the role you just defined. 

This is equivalent to using the canned role "guest-logon" on the controllers. . .

I am working on setting up a new deployment of Aruba IAP managed by Central.  We are setting up a guest wireless network and using ClearPass for the captive portal.  

I have configured the WLAN in Central with CPPM as the external captive portal.  When the client initially connects to the SSID, the client lands in a role called 'External CP' in order to get redirected to the captive portal.  I don't see that role defined under the list of roles.  After the client successfully registers through the captive portal and the MAC auth has expired, we tried sending the 'External CP' role in order to get the client back to the captive portal.  Instead of landing in the External CP role, the client lands in the default role that is associated with the WLAN.  

When we configure this with controller managed APs, we use the built in role 'guest login' in order to get the client back to the captive portal process.  What do we need to send from CPPM to accomplish this with Central?