Security

Hi,

 

I have a requirement where i need to integrate CPPM with Aruba controller, cisco switches (2900) and HP switches for Onboarding. Integration with Aruba wireless solution has been completed, but I am having a hard time integrating with Cisco and HP switches. Pls help with any solution documents or step by step guide to achieve this.

thanks in advance.

specifially onboarding? are you going to onboard wired users? what exactly is the scenario here?

 

looking at the basic requirements for that you have to be able to do captive portal redirect. something i don't expect on a cisco 2900 (EOL for ages), or is it a more recent model? for the HP it depends on the model / firmware.

thanks for your reply. Requirement is to onbaoard wired users. Cisco switch- 2960 ; HP switch- 5500.

first of all i personally always get a bit annoyed when i hear the requirement is ... without a good argument. but that is up to you to get in to with the customer.

 

it seems both the cisco 2960 and hp 5500 support L3 http redirection.

 

https://supportforums.cisco.com/discussion/11458526/not-working-central-web-authentication-switch-and-identity-service-engine

 

called portal in this HP document, it does mention: available only on the HP 5500 EI series.

 

http://h17007.www1.hp.com/device_help/H3C-Manuals/5500/5500-Configuration-Guide%28R2215%29.pdf

 

the general idea is you configure the switchport with dot1x and portal fallback. a non onboarded user will be redirected to the portal page on the CPPM and start the onboard proces there. during the proces you will probably  get a certificate to be able to do dot1x authentication after the onboarding proces.

 

this isn't the easiest of configs, it might be wise to look into working with your Aruba partner on this.

Onboarding successfully tested on Cisco 2960. Enclosed configs where used on cisco switch. Looking forward to test on HP switches now, but cannot find any relevant documents. 

Hi, can you share the configuration on the Clearpass as well. I am having issue redirecting my user to the Onboard Captive Portal with Cisco Catalyst 9200

Original Message:
Sent: Sep 21, 2015 12:40 AM
From: mohann
Subject: Onboarding clients using Cisco and HP switches

Onboarding successfully tested on Cisco 2960. Enclosed configs where used on cisco switch. Looking forward to test on HP switches now, but cannot find any relevant documents. 

You are responding to a very old post. If you configured captive portal redirects on your C9200 and you can't make it work, it may be best to work with your Aruba partner or Aruba support as without additional information it's hard to assist. If you have a look interactively with someone and check on the ClearPass what it returned and on the switch what is received and applied, it should be possible the quickly find and fix the issue.

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------

Original Message:
Sent: Feb 15, 2023 01:24 AM
From: aniqzumarziyad
Subject: Onboarding clients using Cisco and HP switches

Hi, can you share the configuration on the Clearpass as well. I am having issue redirecting my user to the Onboard Captive Portal with Cisco Catalyst 9200

Original Message:
Sent: Sep 21, 2015 12:40 AM
From: mohann
Subject: Onboarding clients using Cisco and HP switches

Onboarding successfully tested on Cisco 2960. Enclosed configs where used on cisco switch. Looking forward to test on HP switches now, but cannot find any relevant documents.