Security

Reply
Occasional Contributor II

Aruba VMC 8.3.6 and Clearpass 6.7.9 Guest Access Issue

HI There 

I'm workng on a POC deployment which consit below equipment 

Cisco WLC wit AP 

Aruba IAP Cluster 

Aruba MC VA (Standalone) wit AP 

Clearpass 6.7.9 (Single Instance)

I'm working on a Guest Self-registration with Mac Cashing deployment. 

I've managed to get everythng to work on all devices mobile devices including registration, mac auth and web login accross all platforms.

However I have an issue when trying to self register Windows 10 wireless client while connecting to Guest hosted by VMC controller 

After sucessfull regustration client cannot go through the securelogin.....and ending up with Deny Access URL massage and is redirected back to the portal page again.

This Is only happening with Windows 10 Clients and Aruba VMC contollers, Aruba IAP works just fine with the same client and CMC works with other mobile and smart devices.

 

Any advice is highly appreciated

Many Thanks 

Jack

Contributor II

Re: Aruba VMC 8.3.6 and Clearpass 6.7.9 Guest Access Issue

Hi Jack,

I have had similar issues in the past. Are you using the default Aruba certificate? “Secure login.arubanetworks.com”?

This is one of the main issues I have this problem and the resolution for me is to get a publicly signed certificate as the default cert from Aruba is being revoked as it was compromised a few years ago.

Thanks
Ben
Ben Casey
Occasional Contributor II

Re: Aruba VMC 8.3.6 and Clearpass 6.7.9 Guest Access Issue

Hi There 

Yes im still using default Certificate as this is for demo lab porpuses 

Are there any other ways around this problem ?

 

Super Contributor I

Re: Aruba VMC 8.3.6 and Clearpass 6.7.9 Guest Access Issue

Use HTTP instead of HTTPS. But that is not advisable for production


Willem Bargeman ACMX#935 | ACCX #822

Please give me kudos if my post was useful!
If your issue is solved mark the post as solution!
Contributor II

Re: Aruba VMC 8.3.6 and Clearpass 6.7.9 Guest Access Issue

Indeed, as mentioned above you can use http instead of HTTPS in this case. However, the recommended way would be to get a publicly signed certificate.

Thanks, Ben

Ben Casey
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: