Contributor II

Clearpass Guest Deployment

Hi Guys,


I just wanted to run something by you guys for a Clearpass Guest Deployment.


One of my clients is looking to deploy a basic guest wireless from an Instant Access point. They want the users to input the pre-shared key and after that they would like them to get a captive portal page where they accept the terms and conditions.


The problem is with the captive portal page. Here is some basic info on the deployment:


  • 30 sites with 1 IAP at each site broadcasting the SSID
  • The IAP is attached to a broadband router, which is attached to an ADSL line
  • It is very unlikely that these 30 sites have direct connectivity with each other. I.e no MPLS network to link them together or WAN so we will be relying on the Internet


I wanted to ask you guys to clarify the following:


  • How will the IAP communicate to the centrally hosted clearpass server?
  • How do I add these IAP’s into Clearpass as they will have a 192.168.x address from the router
  • What kit list is required from Clearpass, i.e I know I need the Clearpass server & licenses, but have I missed anything else?


Hope you guys can answer my request with a nice easy solution J

Frequent Contributor II

Re: Clearpass Guest Deployment

You'll have to provide a public reachable address for the clearpass. Source NAT for the 2nd question

Frequent Contributor II

Re: Clearpass Guest Deployment

Note regarding the first bit: if you're using DNS name instead of IP address, you'll also need a publically resolvable address. has to lead them to your ClearPass from the internet. This will be a public address. 


You can use destination NAT for masking your ClearPass behind that public address. 

Search Airheads
Showing results for 
Search instead for 
Did you mean: