Cloud Managed Networks

 View Only
last person joined: yesterday 

Forum to discuss all things Aruba Central and UXI Network Management, this includes Aruba Central managed networks, Central configuration, best practices, Central APIs, Cloud Guest, AIOps, Presence Analytics and Other Central Applications
Expand all | Collapse all

Guest Portal / Radius

This thread has been viewed 14 times
  • 1.  Guest Portal / Radius

    Posted 20 days ago
    Hi, we are seeing the following after configuring Guest Portal access from a site which is connected via VPN over VDSL...
    We are able to tracert to euw1 and euw1-elb  which resolve to Central IP addresses and firewall ports 2083 and 443 are open.

    Output Time: 2023-01-13 12:19:30 UTC
    COMMAND=show radius status
    Radius server status
    --------------------
    Name Server IP Source IP Server Name Protocol Port NAS IP Connected sockets Status Last connection tried at Next connection at
    ---- --------- --------- ----------- -------- ---- ------ ----------------- ------ ------------------------ ------------------
    InternalServer 127.0.0.1 10.x.x.x Not configured RADIUS/UDP 1616 127.0.0.1 Not Applicable Not Applicable Not Applicable Not Applicable
    AS1_#guest#_ 0.0.0.0 10.x.x.x euw1.cloudguest.central.arubanetworks.com RADIUS/TLS 2083 10.x.x.x 0 INIT 2023-01-13 12:19:11.440820 2023-01-13 12:19:51.40440820
    AS2_#guest#_ 0.0.0.0 10.x.x.x euw1-elb.cloudguest.central.arubanetworks.com RADIUS/TLS 443 10.x.x.x 0 INIT 2023-01-13 12:18:23.948294 2023-01-13 12:23:43.320948294

    === Troubleshooting session completed ===
    Any help appreciated
    Dave


  • 2.  RE: Guest Portal / Radius

    Posted 18 days ago
    Did you try to do a local breakout for guest portal instead of going through VPN/VDSL connection?

    Maybe totally unrelated, but did you check MTU size over VPN connection?

    Best, Gorazd

    ------------------------------
    Gorazd Kikelj
    MVP Expert 2023
    ------------------------------



  • 3.  RE: Guest Portal / Radius

    Posted 17 days ago
    Hi Gorazd, yes, we have configured direct internet access to cloudguest, also mtu has been changed to 1300, still no success! Can different Spash pages be associated with a single SSID? or can different Splash pages be associated with their own SSID ?
    Dave


  • 4.  RE: Guest Portal / Radius

    Posted 17 days ago
    Hi Dave.

    You can select captive portal by providing an appropriate role in RADIUS:Aruba:Aruba-User-Role attribute so in practice you can have multiple captive portals on the same ssid. You need to have a mean to determine what splash page/captive portal you need to show to a connecting device. This can be based for example on location of the AP.

    Also ssid can have it's own captive portal/splash page associated. So both options are possible.

    Best, gorazd

    ------------------------------
    Gorazd Kikelj
    MVP Expert 2023
    ------------------------------