We are a new Aruba customer with a 7210 controller and ClearPass. We have two SSIDs: one for 802.1X, one that is open for device registration. We have followed the AirGroup documentation that we could find to set up CP Guest to allow students to register their devices including AppleTVs, etc., and we have CP services defined that perform MAC authentication against the Guest database to let them on. All of this seems to work fine, so now we are trying to set up AirGroup.
On the controller, we have AirGroup enabled, CPPM enforce registration enabled, the CPPM server selected for the group, and the CPPM server's IP for the RFC 3576 server. The airplay and airprint services are enabled, as well. In CP Guest, we have entered the controller's IP, port 5999, etc. and it successfully reads configuration from the controller.
We have set up CP Guest so that students can login and get "Device Registration" operator role, and we can login as a student ID and add an AppleTV device.
What we see in CP Access Tracker is a failed WEBAUTH source entry that happens when the student ID adds the device in CP Guest (alert says no service matched). Then, when the device is connected, we never see a hit on the AirGroup Authorization Service. Seems like something is not linked up correctly, or we are missing a step. We've followed this guide but admittedly do not understand exactly what is supposed to happen in terms of the flow of registration of a device:
http://community.arubanetworks.com/aruba/attachments/aruba/unified-wired-wireless-access/15478/1/ArubaAirGroup-6136-DG.pdf
Thanks for any help in troubleshooting.
#7210