11-19-2015 11:46 AM
I'm having difficulty configuring a multi-controller master/local setup where the sponsored guest clicks on the "Log In" button after being approved and Clearpass is suppose to send the HTTP post to the local controller to authenticate the guest. Is there any way to accomplish this without using the built -in securelogin.arubanetworks.com certificate which I believe Clearpass is able to intercept and direct appropriately? Would a public CA certificate with additional SAN's for each local controller do the trick?
There could be other ways to get the guest in after the account was approved. Maybe the Log In button can just be a link and DST NAT will just send the user to a login page where he/she enters the credentials manually?
Any input is greatly appreciated. I'm curious what are other people doing as well.
Solved! Go to Solution.
11-19-2015 11:50 AM
The client actually does an HTTPS post to the controller which in return authenticates to ClearPass.
You can use your own cert for the captive portal. I recommend picking a user friendly name and using that certificate across all of your controllers for captive portal. Something like "wifi.domain.com" or something.
| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |