Hello community,
in an IAP installation, I can create a guest network using the internal server to create user accounts.
The problem is that the vouchers cannot be restricted in terms of time.
Although there is a large installation across many sites of IAP clusters managed by AirManager, only the head quarter needs to have the ability to create guest vouchers (like 10 a day, so CLearPass would be too oversized).
I know that a mobility controller has the functionality of restricting the accesses in terms of time.
I was thinking of two solutions:
- Could the IAP cluster in a headquarter be connected to a controller (VPN would not be needed but maybe GRE) just for the task of creating vouchers? (VPN tab in UI)
- Could the mobility controller serve as external database for guests of an IAP network? ("Configuring External Captive Portal Authentication when Adding a Guest Network" is the point in the user guide)
BR
rolfo333