Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Redirect back to CPPM after "guest login"

This thread has been viewed 12 times

  • 1.  Redirect back to CPPM after "guest login"

    Posted Jul 11, 2017 02:29 PM

    Hi,

     

    I am trying to setup a captive portal with only an Accept Terms and Cond button, with Aruba controller and Clearpass 6.6

    So far it works to connect to the SSID, i get redirected to the captive portal, I can check the "I accept", but when I press Log In i get redirected to the Clearpass tips page and if I try to browse to another page I get redirected back to the logon screen.

    When I look in the controller I still have the guest-logon role and not the guest role.

    I have tried to force it to redirect to arubanetworks.com after login but that doesn't happen ether. 

     

    The Default role and Default Guest Role is set to guest.

     

    Note: I have set everything to do http, since this is a lab and I am not able to get a certificate. Not sure if this has any impact.

     

    Do anyone have an idea what could be wrong?

     

    Edit: Some show commands that might help

     

    (Aruba7005) #show aaa authentication captive-portal guest-free-cp_prof

    Captive Portal Authentication Profile "guest-free-cp_prof"
    ----------------------------------------------------------
    Parameter Value
    --------- -----
    Default Role guest
    Default Guest Role guest
    Server Group cppm-grp
    Redirect Pause 10 sec
    User Login Disabled
    Guest Login Disabled
    Logout popup window Disabled
    Use HTTP for authentication Enabled
    Logon wait minimum wait 5 sec
    Logon wait maximum wait 10 sec
    logon wait CPU utilization threshold 60 %
    Max Authentication failures 0
    Show FQDN Disabled
    Authentication Protocol PAP
    Login page http://192.168.0.6/guest/free.php
    Welcome page /auth/welcome.html
    Show Welcome Page No
    Add switch IP address in the redirection URL Disabled
    Adding user vlan in redirection URL Disabled
    Add a controller interface in the redirection URL N/A
    Allow only one active user session Disabled
    White List N/A
    Black List N/A
    Show the acceptable use policy page Disabled
    User idle timeout N/A
    Redirect URL N/A
    Bypass Apple Captive Network Assistant Disabled
    URL Hash Key N/A

     

     

    (Aruba7005) # show rights guest-free-guest-logon

    Valid = 'Yes'
    CleanedUp = 'No'
    Derived Role = 'guest-free-guest-logon'
    Up BW:No Limit Down BW:No Limit
    L2TP Pool = default-l2tp-pool
    PPTP Pool = default-pptp-pool
    Number of users referencing it = 4
    Periodic reauthentication: Disabled
    DPI Classification: Enabled
    Youtube education: Disabled
    Web Content Classification: Enabled
    ACL Number = 64/0
    Max Sessions = 65535

    Check CP Profile for Accounting = TRUE
    Captive Portal profile = guest-free-cp_prof

     

    Edit2: I am able to ping internet, but when I try to browse I just get back to the portal. My best guess is that it is because I am not getting the right role after login but I cant figure out why.



  • 2.  RE: Redirect back to CPPM after "guest login"
    Best Answer

    Posted Jul 17, 2017 07:37 AM

    Problem solved. Sometimes it's the simplest things.

    The User Logon checkbox wasn't checked in the controller. 

     



  • 3.  RE: Redirect back to CPPM after "guest login"

    Posted Sep 16, 2019 08:33 AM

    Hi. 

    I'm stuck at the exact same scenario as you but I can't find the "User Checkbox" you're referring to. 

     

    Is it under WLAN settings on the Mobility Device/Controller? Do you have a print screen you can provide for me? Thanks