Security

last person joined: 4 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CP Guest email validation with temporary access

This thread has been viewed 8 times

  • 1.  CP Guest email validation with temporary access

    Posted Feb 01, 2018 06:43 AM

    A customer of ours has IAP and Clearpass. He would like visitors to be able to register, but he wants to confirm that their email address is valid.

     

    The idea is that the user will create an account, get 10 minutes of internet access, receives an e-mail, clicks a link and then get full access.

     

    For example, this feature already exists in central. But we want to configure it with clearpass.

     

    My idea was to copy the username field to the sponsor email field. However when you activate sponsoring, a registered account is set to disable. And we cannot give them 10 minutes of access.

     

    Another idea is to set the account expiration time to 10 minutes and then use a link in the email receipt page to update the expiration time. However we need to secure that so a user cannot edit the link and indefinitely change his expiration time.

     

    Any ideas?

     

     



  • 2.  RE: CP Guest email validation with temporary access

    EMPLOYEE
    Posted Feb 01, 2018 08:42 AM

    Have you seen this thread here.  Very simple and works a treat.



  • 3.  RE: CP Guest email validation with temporary access

    Posted Feb 02, 2018 03:19 AM

    Works like a charm. Thanks a lot!

    Just one little thing missing.

     

    As the role id isn't changed in the tutorial. Mac-auth in this causes the time-out to change to de default. Changing it there to 6 minutes is not optimal. 
    But I'll keep that for the other thread.