Security

Reply
Frequent Contributor I

Guest - Return to splash page to re-authenticate?

Hey All, is there a method for guest users to return to the splash page to re-authenticate (for elevated access)? 


Scenario: Our splash page has multiple options, say 'basic' and 'advanced' access. If they click 'basic', and later decide they want 'advanced', how do they get back? I can do it manually by clearing their MAC Cache timer and forcing them back to the splash page, but how can they do it themselves? Maybe browser history to get back to the original redirect URL? Some other better method? 

 

The config is basically the canned 'guest access with MAC caching'

 

Thanks. 

Aruba Employee

Re: Guest - Return to splash page to re-authenticate?

Hi cm119,

 

I have not used this before, but from my point of view, this should be possible. Have a look at this page:

 

https://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-disconnect-logout-an-active-guest-device/ta-p/467315

 

This is to allow the user to logout, but I think you need something very similar, except the logout. The page descibes, how to get the user details and with those you can provide the user an option to elevate his level. 

 

hope this helps. 

 

BR

Florian


visit our Youtube Channel:
https://www.youtube.com/channel/UCFJCnuXFGfEbwEzfcgU_ERQ/featured
Please visit my personal blog as well:
https://www.flomain.de
Frequent Contributor I

Re: Guest - Return to splash page to re-authenticate?

Thanks, looks interesting, but a bit complicated. I should also add in my scenario that when a user has gone through the splash page for 'basic' access, they are an anonymous guest, so they would not have a guest account to use to log back into the 'logout portal'. So i'm looking for a way to elevate a guest from 'anonymous' to 'registered guest.' I suppose there may be some way to hack together a 'logout' page where they can enter their MAC address, and the page will then go logout that MAC and reset it's MAC cache..

Aruba Employee

Re: Guest - Return to splash page to re-authenticate?

Hi cm119,

 

From my point of view, you don't need the logout. With the logout page from the example, you will get the user session and with that, the mac address and controller and/or ap, the user is connected to. This should be enough to present the user a login page, with a description, that he is using basic access with some limits and to get over this, he simply needs to register. After he enters the details you use the information from the session to either logout the user and reauth the user with the new role or you send a COA. 

 

But the above is just theory, but I have added it to the list of things I need to test. :) 


visit our Youtube Channel:
https://www.youtube.com/channel/UCFJCnuXFGfEbwEzfcgU_ERQ/featured
Please visit my personal blog as well:
https://www.flomain.de
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: