Security

So here is the Issue.

We are trying to auto populate the mac address in the field below.The only thing that we have found regarding the configuration is these steps:

Automatically Supplying the MACTrac Device Address

To ensure that the MAC address, device type, and browser vendor/version are prepopulated on the MACTrac Register

Device form, verify that these options are set in the Mobility Controller.

To set MACTrac prepopulating options:

1. Log in to the Mobility Controller.

2. In the Configuration tab, go to Security > Authentication in the left menu.

3. Click the L3 Authentication tab, then choose Captive Portal Authentication Profile > cpg-qa-captiveportal.

4. On the form, mark the check box in the Add switch IP address in the redirection URL row.

Any thoughts?

We currently have our controller on 6.3. I didn't see the option to pass the mac to the captive portal. Is this located in same location as "Add switch IP address in the redirection URL"?

My apologies...this is not an option.  I was thinking too quickly!!!

So...I don't think this is an option really as to automatically get the MAC, it is derived from a URL redirect.  If you are getting to this page, are you going through a redirect process on the controller?

Currently this is our setup:

The user connects to the SSID "GUEST"

After connecting to "GUEST", the user browseres to any website and then is redirected to byod.mosstele.com/guest

After the they are redirected, the user is prompted for his/her username and password

After the user has been authenticated, they are redirected to the "Register Device" screen.

I don't see the mac or the switch ip in the URL of the first page.  Regardless...this won't be carried over into the second device registration page unfortunately.

This is the URl they are redirected with

https://byod.mosstele.com/guest/auth_login.php?target=%2Fguest%2F%3Fcmd%3Dlogin%26switchip%3D10.0.0.11%26mac%3D00%3A27%3A10%3Ad4%3A5d%3Adc%26ip%3D172.29.18.49%26essid%3DGUEST%26apname%3DMedia%2520Room%26apgroup%3Ddefault%26url%3Dhttp%253A%252F%252Fyahoo%252Ecom%252F.

You can try rewriting the URL with PHP.

We ran into a similar issue where before the ClearPass login, we had an intermediate screen giving directions. When you select Guest vs Brandeis user button, you would lose all of the info in the URL.

It pretty much strips everything after the PHP and stores it to a variable which you can print out later on a new URL.

<?php
	function curPageURL() {
		$pageURL = 'http';
			if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
				$pageURL .= "://";
			if ($_SERVER["SERVER_PORT"] != "80") {
				$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
					} else {
						$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
					}
				return $pageURL;
			}
		$fullURL = curPageURL();
		$baseURL = strstr($fullURL, '?');
?>

<li><a href="https://<clearpass-fqdn>/guest/unknown-device-reg-sso.php<?php echo $baseURL; ?>"

Hello,

Saw that I never updated my end result with this issue. I was apply to figure out that the problem was with the redirect on the controller. When I changed the page direclty to the mac creat page then the MAC address populated correctly. 

Hi @cappalli

is there a way to add this code into the mactrac device registration redirect? I have a link to add device on a guest landing page. That then redirects to the operator login page which then redirects (on succesfull auth) to the device registration page. These all look hardcoded to me so I can't see how it can be done.

these are user devices. We are trying to offer a kind of BYOD where users register their devices themselves 

Add this to the end of your link:

?{$smarty.server.QUERY_STRING|escape}

Example:

https://clearpass.arubaboston.com/guest/mac_create.php?{$smarty.server.QUERY_STRING|escape}