08-06-2019 10:16 PM
I have a Clearpass server in version 6.8 in use.
Since this server is not operated at my home, I address it via an external IP address.
Connected there are two different IAP clusters, which I manage with Central.
802.1x Authentication works without problems.
However, the Captive Portal gives me a headache.
-- The Captive Portal can be integrated into the SSID without any problems.
-- The Self Registration or Authentication works without problems.
-- After that I will be redirected to the "Register" or Login page again and again.
I guess this is due to the following settings of the NAS server:
-- I can adjust the NAS server at the normal Capitve Portal as well as at the Self Registration page. Here the login method is adjusted.
Default is: Controller initialized.
There is an item "IP address".
By default it says "securelogin.arubanetworks.com" in it.
As far as I know there should be the IP or name of the controller that is requesting.
In my Integration Guide this is not adapted at all.
Unfortunately I didn't find that much information...
As I said: the IAP are in the LAN, the CPPM external, but reach each other.
What is the best way to do this ?
Or is there another possibility, another login method ?
Solved! Go to Solution.
08-08-2019 01:49 AM
I found out a workaround myself.
1. I have configured "dynamic Address" under "Nas Vendor Settings"
2. Everything else was left to default
Instead of an Guest Application Service, you now need a radius service for the user authentication.
There I set a filter based on SSIDs.
Everything like auth, accounting works fine now.