Security

I have an Aruba wifi network with two VCs.  Guest services works on one using User Auth and MAC Caching.  On the other VC, the registration and login pages come up, but then the user is redirected to the attached page.  I think this is because it's trying to just do MAC Auth instead of User Auth.  The MAC address of the device is seen as the User instead of the entered e-mail address and gets rejected.

I'm not sure what modification to make to fix this.  I'd appreciate any ideas. Thanks.

It looks like you didn't upload your Wildcard Captive Portal certificate to the non-working VC.  ClearPass is hardcoded to resolve that URL from the uploaded wildcard certificate.  You need to upload the certificate on the working VC to the non-working VC.

Thanks for the reply. I'll look at comparing the certificates.  

The other complicating factor is the working VC in managed by AirWave.  The non-working VC is not.  I think I broke the CP guest auth when I tried to move the non-working VC to AirWave management.  I've backed out of that, but it didn't help.

The problem in your screenshot means that the certificate needs to be on the non-working VC so that it can resolve the URL.  This applies whether or not the VC is being managed by Airwave.

Gotcha, I understand.  Thanks for the help, that fixed it.  Any gotchas you know of when moving a VC and its APs to AirWave management?

Yes.  You should make it "Monitor Only".  Ther are alot of ways to overwrite your configuration unintentionally.  Please see deploying instant in Airwave here:  https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=32992