Security

last person joined: 19 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CP Guest and single click SSID question

This thread has been viewed 6 times

  • 1.  CP Guest and single click SSID question

    Posted Mar 26, 2015 03:15 PM

    I have successfully setup a single click SSID with TOS acceptance using the randomly generated account name.  What I am struggling with is how to set it up so that the mac is cached so that the user doesn't have to click it everytime they connect.  I would prefer to set is so they have re-accept the ToS every 1 or 2 weeks.  I have create the guest authentication with mac cache server using the service template but this doesn't appear to be working for me.  Any help would be greatly appreciated.



  • 2.  RE: CP Guest and single click SSID question

    Posted Mar 26, 2015 03:16 PM

    Are you using controller Internal CP or ClearPass ?



  • 3.  RE: CP Guest and single click SSID question

    Posted Mar 26, 2015 03:18 PM

    Clearpass.



  • 4.  RE: CP Guest and single click SSID question

    Posted Mar 26, 2015 03:25 PM

    You can do this using the Guest Mac Auth template (Mac Caching)



  • 5.  RE: CP Guest and single click SSID question

    Posted Mar 26, 2015 03:27 PM

    As stated in my original post. I created the guest auth with mac cache service but it is not working.



  • 6.  RE: CP Guest and single click SSID question

    Posted Mar 26, 2015 03:36 PM

    I missed that part.

    A couple of things:

    - Do you have radius accounting enabled on the controller and ClearPass ?

    - In the mac auth service enforcement policy you should able to define the amount of time you would like to allow the device to authenticate without seeing the captive portal

    2015-03-26 15_32_29-ClearPass Policy Manager - Aruba Networks.png



  • 7.  RE: CP Guest and single click SSID question

    Posted Mar 26, 2015 03:58 PM
    Ok I am getting further now. When I connect to the SSID I am hitting the correct service but getting this error message:

    Session failed for Host=172.18.x.x, Reason=[Failed to connect to datasource: [unixODBC]FATAL: password authentication failed for user "appexternal"
    FATAL: no pg_hba.conf entry for host "172.18.x.x", user "appexternal", database "insightdb", SSL off
    SQLState=08001 ErrorCode=101]





    Electronic Privacy Notice. This e-mail, and any attachments, contains information that is, or may be, covered by electronic communications privacy laws, and is also confidential and proprietary in nature. If you are not the intended recipient, please be advised that you are legally prohibited from retaining, using, copying, distributing, or otherwise disclosing this information in any manner. Instead, please reply to the sender that you have received this communication in error, and then immediately delete it. Thank you in advance for your cooperation.


  • 8.  RE: CP Guest and single click SSID question

    Posted Apr 27, 2015 08:47 AM

    is insight turned on on your clearpass?



  • 9.  RE: CP Guest and single click SSID question
    Best Answer



  • 10.  RE: CP Guest and single click SSID question

    Posted Mar 26, 2015 03:34 PM
    Thank you. I will give this a try.





    Electronic Privacy Notice. This e-mail, and any attachments, contains information that is, or may be, covered by electronic communications privacy laws, and is also confidential and proprietary in nature. If you are not the intended recipient, please be advised that you are legally prohibited from retaining, using, copying, distributing, or otherwise disclosing this information in any manner. Instead, please reply to the sender that you have received this communication in error, and then immediately delete it. Thank you in advance for your cooperation.