Security

Reply
Highlighted
Occasional Contributor II

Guest login failing with Airwave IGC enabled for IAP cluster

Hi, I have a cluster of AP 515 (8.6.0.0) and Airwave (8.2.10.1). I have installed public certificate in Airwave for captive portal and enabled IGC for the IAP cluster. I have ssh to random IAP and entered the command 'show cert all' and see it has the installed public certificate under captive portal server.

A guest user associates to the guest SSID and was redirected to the portal page hosted on CPPM. After the guest user enters the credentals, they got a page that says not secure (the default site is www.youtube.com). The role of the guest user was still 'prelogin'. It seems like the redirection by ClearPass back to the IAP is working except that IAP can't/fail to send RADIUS authentication to ClearPass as there was no corresponding entry in Access Tracker

I disabled IGC on Airwave (no other configuration changes) and repeated the test. Guest user completes authentication and was assigned 'guest' role and got onto the Internet successfully.

Would be grateful for some advice. Thanks. 


Accepted Solutions
Highlighted
Occasional Contributor II

Re: Guest login failing with Airwave IGC enabled for IAP cluster

Hi Pavan

 

Sorry for the late reply. Airwave wasn't used to push the certificate to the IAP cluster initially. Rectified that. 

After some troubleshooting, it turned out to be a machine issue. The customer's laptop hasn't been shutdown or rebooted for long time and it was used to test captive portal, dot1x, etc. He reported all was working though nothing changed on the network/cppm side. It turns out he shutdown his laptop the previous day and everything started from afresh. 

Should have tried the guest portal on other devices. 

Thanks for your reply. Appreciate it. 

View solution in original post


All Replies
Highlighted
MVP Expert

Re: Guest login failing with Airwave IGC enabled for IAP cluster

Are you using Airwave to push CA signed certificate to IAPs? Did you try access the IAP WEB after certificate installation, does it prompted any security error?

 

Airwave does not cause any issue related to page redirection.

 

 


Pavan Arshewar | ACCP

If my post address your queries, give kudos and accept as solution!
NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Highlighted
Occasional Contributor II

Re: Guest login failing with Airwave IGC enabled for IAP cluster

Hi Pavan

 

Sorry for the late reply. Airwave wasn't used to push the certificate to the IAP cluster initially. Rectified that. 

After some troubleshooting, it turned out to be a machine issue. The customer's laptop hasn't been shutdown or rebooted for long time and it was used to test captive portal, dot1x, etc. He reported all was working though nothing changed on the network/cppm side. It turns out he shutdown his laptop the previous day and everything started from afresh. 

Should have tried the guest portal on other devices. 

Thanks for your reply. Appreciate it. 

View solution in original post

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: