Security

last person joined: 21 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

NAS Vendor Settings to Login Sponored Guest After Approval

This thread has been viewed 2 times

  • 1.  NAS Vendor Settings to Login Sponored Guest After Approval

    Posted Nov 19, 2015 02:47 PM

    Airheads,

     

    I'm having difficulty configuring a multi-controller master/local setup where the sponsored guest clicks on the "Log In" button after being approved and Clearpass is suppose to send the HTTP post to the local controller to authenticate the guest. Is there any way to accomplish this without using the built -in securelogin.arubanetworks.com certificate which I believe Clearpass is able to intercept and direct appropriately? Would a public CA certificate with additional SAN's for each local controller do the trick?

     

    There could be other ways to get the guest in after the account was approved. Maybe the Log In button can just be a link and DST NAT will just send the user to a login page where he/she enters the credentials manually?

     

    Any input is greatly appreciated. I'm curious what are other people doing as well.

     

    Thanks,

    Peter



  • 2.  RE: NAS Vendor Settings to Login Sponored Guest After Approval
    Best Answer

    EMPLOYEE
    Posted Nov 19, 2015 02:51 PM

    The client actually does an HTTPS post to the controller which in return authenticates to ClearPass.

     

    You can use your own cert for the captive portal. I recommend picking a user friendly name and using that certificate across all of your controllers for captive portal. Something like "wifi.domain.com" or something.