Hello all,
in our scenario, we have a branch office with an internet connection and an MPLS connection to the HQ where Clearpass is installed. Knowing that the internet connection is on VLAN 2 and MPLS connection is on VLAN1, we would like to deploy a guest SSID where when you connect, you're able to reach the CPPM server an make the authentication (even with facebook) with a pre-auth role, and then the client will be hopped to the VLAN2 in order to be able to surf on internet.
Knowing that for certain clients VLAN hopping is not working great, how would you manage this situation?
We thought about clients natting on the AP or publishing the CPPM on internet.
Thank you.
Gabriel