Security

Hi

 

I am working in a setup in which the users whom dont have a known MAC address will be assigned to the guest VLAN, and its working fine.

But I want now to redirect their initial web access to the captive-portal page, and then after authentication get full internet access.

What is the procedure for this target?

 

Attached a snapshot for the service I created to authenticate the guest users (non-802.1x enabled users);

if MAC known, then allow-access

if MAC unknown, then assign it to Guest VLAN

 

 

 

Thanks

In this link you can find how the enforcement profile needs to be configured and the ACL on the switch
http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Cisco-URL-Redirect/td-p/202713

You also need to make sure the following is enabled on the switch:
Ip device tracking
Ip http server
Ip http secure-server

Get Outlook for iOS

Hello Viktor

 

Thank you.

but I think the switch must be L3 and the gateway for guest VLAN must be terminated on the testing switch so the access-list can be applied, else it will not be applied, right?

As i am using Cisco 2960 switch in my setup, and the GW for the guest VLAN is terminated in another switch, so what will be the case here?

 

Thanks

Did you ever get this working? I'm looking at doing the same also with 2960s.

 

Thanks in advance.

No, I didnt give it another try :)

Let me know if you have postive results please