Security

Reply
Highlighted
Contributor I

IAP + ClearPass Self Registration / Captive Portal

Hello,

I have a Clearpass server in version 6.8 in use.
Since this server is not operated at my home, I address it via an external IP address.

Connected there are two different IAP clusters, which I manage with Central.

802.1x Authentication works without problems.
However, the Captive Portal gives me a headache.

-- The Captive Portal can be integrated into the SSID without any problems.
-- The Self Registration or Authentication works without problems.
-- After that I will be redirected to the "Register" or Login page again and again.

 

I guess this is due to the following settings of the NAS server:

 

-- I can adjust the NAS server at the normal Capitve Portal as well as at the Self Registration page. Here the login method is adjusted.
Default is: Controller initialized.
There is an item "IP address".
By default it says "securelogin.arubanetworks.com" in it.

As far as I know there should be the IP or name of the controller that is requesting.

In my Integration Guide this is not adapted at all.
Unfortunately I didn't find that much information...

As I said: the IAP are in the LAN, the CPPM external, but reach each other.

 

What is the best way to do this ?


Or is there another possibility, another login method ?

 

Best Regards

 

#ACMP #ACSP
Contributor I

Betreff: IAP + ClearPass Self Registration / Captive Portal

I found out a workaround myself.

 

1. I have configured "dynamic Address" under "Nas Vendor Settings"

2. Everything else was left to default

 

Instead of an Guest Application Service, you now need a radius service for the user authentication.

 

There I set a filter based on SSIDs.

 

Everything like auth, accounting works fine now.

#ACMP #ACSP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: