Security

Hi,

iam testing CPPM with AOS 8.4 in as Guest Self-Register.

Got 2 DMZs - one for CPPM and one for Clients/Internet-Access. AOS8 is in the LAN and LAN has access to CPPM DMZ. Controller(s) got an IP in the Client Subnet - ip cp-redirect-address is set on this ip at each controller.

I setup everything fine from the scratch and Portal is coming - User is checked BUT it hangs in getting forwarded / Change Role after the login. I'll get a timeout in accessing the configured page in the cppm * IP Adress: captiveportal-login.domainwithcert.com -> Where the Client is getting forwarded to. What is exactly the purpose of this URL ? If i got more Controllers in a Cluster, what IP/Name is the right here with AOS 8.4 ? Are there any suggestions where i can troubleshoot this issue further?

Thanks for Feedback

Are you talking regarding IP address configured under NAS devcie setting in

Below link proivde details of NAD vendor IP in self registartion page.

https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Web-Login-NAS-Address-configuration-options-in-single-and-multi/ta-p/275426

Hi, its under:

Home » Configuration » Pages » Self-Registrations -> Advanced Editor

As iam using a Wildcard Cert i set a name to captiveportal-login.abc.com so far so fine but the client does not reach this Site because there is no DNS for this site. So the question is what IP should be behind the DNS if i use several controllers (cluster) ?! As each Client has a different Anchor Controller is hard .. or is there any other mechanism that fits that problem?

Thanks