All,
I'm currently working with a customer that has a Meru infrastructure running 7.0.8-0. We've been able to setup OnBoarding, OnGuard, and the initial ClearPass Guest authentication, without too much of an issue.
We're currently stuck trying to figure out how we will do MAC Caching. We are running into two separate issues. The first is that when a user fails "MAC Filtering" we are not able to fail open to the Captive Portal page.
The second issue is a little more complex. Here's what is happening:
1. The user connects to the captive portal SSID and is successfully authenticated into the network if they have previously been sponsored.
2. The user is bound to the ESS Profile in Meru for ClearPass Guest.
3. The user is presented the Captive Portal once again. The Captive Portal is tied to that ESS Profile and I haven't had any luck finding a RADIUS attribute to bypass this.
One awful workaround would be to have a separate Guest MAC Caching SSID that would be used to authenticate users that are still valid within ClearPass Guest. This seems beyond kludgy to me, and I'd really like to avoid it.
Thanks for any help that you can offer!
-Mike