Using AOS 6.3.1.3 and CPPM 6.3.0.60730. Finally have CP through CPPM working with AD for user auth. New Issue is this:
Enabled:*Vendor Settings:Login Method:*IP Address:Secure Login:Dynamic Address:Security Hash:
NAS Login Options controlling logging into a NAS for self-registered guests. |
Enable guest login to a Network Access Server |
Select a predefined group of settings suitable for standard network configurations. |
Select how the user’s network login will be handled. Server-initiated logins require the user’s MAC address to be available, usually from the captive portal redirection process. |
Enter the IP address or hostname of the vendor’s product here. |
Select a security option to apply to the web login process. |
The controller will send the IP to submit credentials In multi-controller deployments, it is often required to post credentials to different addresses made available as part of the original redirection. The address above will be used whenever the parameter is not available or fails the requirements below. |
Select the level of checking to apply to URL parameters passed to the web login page. Use this option to detect when URL parameters have been modified by the user, for example their MAC address. |
I have the enable login to NAS checked but it requires me to have them authenticate at *IP address (currently place.network.com as place holder). Question is: Why do I have to do this?
If I disable this section then the login page for the CP is disabled.
I cannot figure out what to do next. I don't have a target I can send it to that works and I don't even need this 2nd authentication but it is required.
What's the logic here that I'm missing? Aruba documents are less than helpful at this time.
**edit**
The *IP address defaults to securelogin.arubanetworks.com (if that helps ring a bell in someone's mind)