Security

This community is currently in a read-only state due to a maintenance window. For more info click here
Reply
Highlighted
Occasional Contributor II

CPPM - Prevent Guest users from logging on to certain captive portal

Hi Airheads!

 

We have a CPPM implementation with a Clearpass cluster in a central location with multiple branch offices with local Aruba wireless controllers. We have different captive portals (14 in total) implemented, 2 per remote site (one for visitors, one for patients). There are also 2 SSID's per remote site.

Each portal has its own GuestUser Role ID assigned so that we can make a difference between the different guest users and thus assign the appropriate Aruba user role back to the controllers.

 

There is however one problem: guest users are able to login to both the portal for visitors and to the portal for patients. And that is not the purpose...

 

The question is: how can we prevent guest users intended for e.g. the visitor portal to log on to the patients portal?

 

Thanks in advance!

 

Best regards

Tim


Accepted Solutions
Highlighted
Occasional Contributor II

Re: CPPM - Prevent Guest users from logging on to certain captive portal

Solved by checking for the according SSID in combination with the assigned Role ID to the Guest account.

View solution in original post


All Replies
Highlighted
Guru Elite

Re: CPPM - Prevent Guest users from logging on to certain captive portal

What is the access difference between patients and guests?


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Occasional Contributor II

Re: CPPM - Prevent Guest users from logging on to certain captive portal

Guests are allowed restricted internet-only access, patients can additionally browse to some internal resources. These access restrictions are configured on the wifi controllers
Highlighted
MVP Expert

Re: CPPM - Prevent Guest users from logging on to certain captive portal

how are you making the distinction between  the two type of users?

 

 

 

 

Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Highlighted
Moderator

Re: CPPM - Prevent Guest users from logging on to certain captive portal

Why not use the same SSID and use role based access?


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Occasional Contributor II

Re: CPPM - Prevent Guest users from logging on to certain captive portal

We've made different guest user role ID's per type of user, 14 in total. This way we do the role mapping to differentiate the type of users.
Highlighted
Occasional Contributor II

Re: CPPM - Prevent Guest users from logging on to certain captive portal

The customer insisted on different SSID's instead of one.
Highlighted
Occasional Contributor II

Re: CPPM - Prevent Guest users from logging on to certain captive portal

Solved by checking for the according SSID in combination with the assigned Role ID to the Guest account.

View solution in original post

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: