I have a problem about integration of IAP ( Instant AP )and home made external captive portal..
The requested configuration is very simple.So User will be redirected to the third party external captive portal after WPA2 auth.
IAP assigns the pre-auth role( permit only dhcp,dns,and capvite portal server) to users that have authenticated with WPA2.
I see that IAP assigns Pre-auth role to user after success WPA2 auth.But user can access to anywhere although its role is pre-auth role.
External captive portal software is a web based software and it uses a own radius server.There are a two factor auth application..
First screen of captive portal includes username and password, second screen includes sms passcode..
External captive portal sends a wellcome page after CP auth..This wellcome page includes a text..( for example "authenticated" ) , IAP should be parse this text and assign authenticated role.
Hardware: IAP 105
Firmware: ArubaInstant_Orion_6.1.2.3-2.0.0.3_31389
Thaks,