Hey all!
since you were so quick to help with my last question, I figured I'd ask another one.
To re-cap:
Big background up front: I had a lab with an HP switch for users, a MAS 1500 for redirection (maybe) and head-end, and a 7005 controller. This is all segregated via Cisco ASA to simulate a remote office. Our ClearPass appliance is not in this segregated lab, since it is a VM and we don't have a big enough lab/budget to have VM in the lab. With this setup, everything seemed to be working fine - although I am almost positive that it was actually the controller handling all of the redirection rather than the MAS.
Part II
Well, since our remote sites DO have MAS switches, but DO NOT have controllers, I have moved the controller to the other side of the firewall with the VM, thus ensuring that I am both emulating a remote site, and that I am indeed doing the redirection with the MAS rather than the controller. This is now working with no 'click here to continue' stopping point, thanks to help from Tim Cappalli (thanks again).
Part III
Currently, I am seeing two problems, neither of which seem to me be something that should have been affected by the controller move, but they are now broken. the first issue is that wireless devices are no longer getting IP addresses. The MAS switch is doing the DHCP, and it is working for wired users. The AP itself also gets an IP from the MAS, and the wireless devices, the AP, and wired devices (once authenticated as being company owned/full access devices) are all on the same vlan. Is there a change in the controller I need to make to let wireless users get DHCP from inside the segregated area?
Second issue is that the ClearPass appliance appears to be placing wired devices into the wrong vlan after going through the workflow. Unfortunately I am not the one doing the actual testing, but I was told that ClearPass is sending the device to the posturing vlan 526, but the devices is getting an IP from the captive portal vlan 426.
Not sure which part of the configs I need to share, so if you ask, I will provide.
Thanks,
Russell