Security

Reply
Highlighted
Frequent Contributor I

Mobility Master plus Clearpass Guest

Having an issue getting guest working on Clearpass with my mobility master.

 

I can get the web login page to pop. I am able to create or login to the account, however I do not ever get authenticated.

 

I believe the problem lies in the web login pafe, where it asks for the Vendor address/hostname. I've tried both the MC and the MM IP address and both give me failure messages.

 

In my 6.x deployment I used the Master contoller hostname and it works fine.

 

Is there a document somewhere that covers how to do this?

 

Thanks.

Guru Elite

Re: Mobility Master plus Clearpass Guest

The hostname in CPG is the CN of your captive portal certificate.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor I

Re: Mobility Master plus Clearpass Guest

OK - right.

 

So I assume that gets loaded on the Managed Network and not the MM?

 

 

Thanks.

Frequent Contributor I

Re: Mobility Master plus Clearpass Guest

To reply directly to your question, yes, it is on the Managed Network and not the Mobility Master branch of the configuration tree.

 

The default controller certificate is securelogin.arubanetworks.com. If you haven't tried that already, give it a shot. Your client will throw a cert warning in the browser, but it should at least get you that far and let you through if you accept the warning. Once you get it working with the default cert, you can upload the externally signed cert to replace it.

 

Also don't forget the captiveportal ACL at the bottom of your logon role.

Tim Haynie, ACMX #508, CWNE #254, ACCP, CCNP R/S, CCNP Wireless, CCNA Security, CCDA
Frequent Contributor I

Re: Mobility Master plus Clearpass Guest

I added the cert there and updated Clearpass guest.

 

This is what I am getting when it should be processing the login on the controller:

 

Capture.PNG

MVP Guru

Re: Mobility Master plus Clearpass Guest

Did you replaced the controller default certificate for the captive portal profile?

Can you validate that the RADIUS shared key is correct ?



Sent from Mail for Windows 10
Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: