Security

Reply
Occasional Contributor II

CaptivePortal - Contoller white list

Hi

I need to make an exception on our guest network so users can reach the CaptivePortal login page over https.
CaptivePortal is not on the same ip as the radius because I do not want to publish any internal resources on the guest network. However, CaptivePortal runs on the same Cleapass server as the radius, but users reach this over an external ip that is destination NAT in the firewall to ClearPass internal ip.
 
So my goal is to create an exception in the white list for the external ip that we use for CaptivePortal.
This seems to be done on the mobility master under L3 Auth. I would like to add a value to the list that pops up if you click + under whitlist.

The picture shows what I mean.

 

When I tied to do this in the cli, the mobility master crashed. Can be that I did something wrong but can't find any documentation on how to do it

.

Does anyone know how to allow my guest users to reach CaptivePortal?

Occasional Contributor II

Re: CaptivePortal - Contoller white list

Create an object for your captive-portal IP address. On the CLI you can do:

netdestination captiveportal_ext

  host x.x.x.x

You can then add this to the whitelist under L3 Auth

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: