Security

Greetings 

Has anyone been able to integrate cambium AP's with clearpass for Guest Self Registration?

Basically we have everything setup according however it appears there seems to be some issues but i have some questions to ask 

We are using the IP address of the cambium AP on the guest self registration on clearpass and not the certificate FQDN as we have not introduced the certificate

The users can sign in with the clearpass ipaddress/guest/guestuser_3.php create a user and then login but cannot browse. We can see the user creation on manage account on clearpass and also see some audit on the audit viewer but nothing on the access tracker, so in my view this process in itself isn't communicating with the AP

We have everything setup properly in the cambium albeit we are not sure if we have the correct Postback URL of the cambium AP

http://{$extra_fields.ga_srvr}:880/cgi-bin/hotspot_login.cgi

You have to use a custom setup for the captive portal for the credentials to be submitted back to the correct AP.  Make sure to populate the "Extra Fields" input with the required information.  Note, the screenshot was setup against a single AP.  Use the URL from above as the "Submit URL" so that the proper IP address gets used.

ga_ssid!=
ga_ap_mac!=
ga_nas_id!=
ga_srvr!=
ga_cmac!=
ga_Qv!=

------------------------------
Carson Hulcher, ACEX#110

Original Message:
Sent: May 14, 2024 03:47 PM
From: vovocals
Subject: Guest Self Registration with Cambium AP

Greetings 

Has anyone been able to integrate cambium AP's with clearpass for Guest Self Registration?

Basically we have everything setup according however it appears there seems to be some issues but i have some questions to ask 

We are using the IP address of the cambium AP on the guest self registration on clearpass and not the certificate FQDN as we have not introduced the certificate

The users can sign in with the clearpass ipaddress/guest/guestuser_3.php create a user and then login but cannot browse. We can see the user creation on manage account on clearpass and also see some audit on the audit viewer but nothing on the access tracker, so in my view this process in itself isn't communicating with the AP

We have everything setup properly in the cambium albeit we are not sure if we have the correct Postback URL of the cambium AP

Thanks Carson 

You are the boss

We have been bundling everything under the submit url 

so the guest system could not pass the credentials to the AP

Will test this in the morning and revert

Just one question, what is the best way for users to access the captive portal? is it with the clearpass IP with the .php which exposes the name/ip of the clearpass server or with the fqdn of the cambium ap

http://{$extra_fields.ga_srvr}:880/cgi-bin/hotspot_login.cgi

You have to use a custom setup for the captive portal for the credentials to be submitted back to the correct AP.  Make sure to populate the "Extra Fields" input with the required information.  Note, the screenshot was setup against a single AP.  Use the URL from above as the "Submit URL" so that the proper IP address gets used.

ga_ssid!=
ga_ap_mac!=
ga_nas_id!=
ga_srvr!=
ga_cmac!=
ga_Qv!=

------------------------------
Carson Hulcher, ACEX#110

Original Message:
Sent: May 14, 2024 03:47 PM
From: vovocals
Subject: Guest Self Registration with Cambium AP

Greetings 

Has anyone been able to integrate cambium AP's with clearpass for Guest Self Registration?

Basically we have everything setup according however it appears there seems to be some issues but i have some questions to ask 

We are using the IP address of the cambium AP on the guest self registration on clearpass and not the certificate FQDN as we have not introduced the certificate

The users can sign in with the clearpass ipaddress/guest/guestuser_3.php create a user and then login but cannot browse. We can see the user creation on manage account on clearpass and also see some audit on the audit viewer but nothing on the access tracker, so in my view this process in itself isn't communicating with the AP

We have everything setup properly in the cambium albeit we are not sure if we have the correct Postback URL of the cambium AP