Contributor I

NAS Vendor Settings to Login Sponored Guest After Approval



I'm having difficulty configuring a multi-controller master/local setup where the sponsored guest clicks on the "Log In" button after being approved and Clearpass is suppose to send the HTTP post to the local controller to authenticate the guest. Is there any way to accomplish this without using the built -in certificate which I believe Clearpass is able to intercept and direct appropriately? Would a public CA certificate with additional SAN's for each local controller do the trick?


There could be other ways to get the guest in after the account was approved. Maybe the Log In button can just be a link and DST NAT will just send the user to a login page where he/she enters the credentials manually?


Any input is greatly appreciated. I'm curious what are other people doing as well.




Guru Elite

Re: NAS Vendor Settings to Login Sponored Guest After Approval

The client actually does an HTTPS post to the controller which in return authenticates to ClearPass.


You can use your own cert for the captive portal. I recommend picking a user friendly name and using that certificate across all of your controllers for captive portal. Something like "" or something.

| Tim Cappalli | Aruba Security | @timcappalli | |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
Showing results for 
Search instead for 
Did you mean: