Security

last person joined: 8 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Some (authenticated) 802.1x users are being redirected to a captive portal

This thread has been viewed 3 times

  • 1.  Some (authenticated) 802.1x users are being redirected to a captive portal

    Posted Jul 02, 2019 01:44 PM

    A few of our wireless users are seeing this message throughout the day on our authenticated WiFi SSID. Does anyone know why this might be happening?

    From a security point of view, if someone is successfully connected via 802.1x why would they suddenly be dropped into a logon role? The default role for our employee SSID is "authenticated".

    Screen Shot 2019-07-02 at 1.42.02 PM.png



  • 2.  RE: Some (authenticated) 802.1x users are being redirected to a captive portal

    EMPLOYEE
    Posted Jul 02, 2019 02:11 PM

    Find out what role those users are ending up in and why.

     

    Type "show user-table ip <ip address of user>"

     

    The output will tell you how the user obtained that vlan and role:

     

    Name: employee IP: 192.168.1.188, MAC: 3c:28:6d:05:c2:c9, Age: 00:00:27
    Role: authenticated (how: ROLE_DERIVATION_DOT1X), ACL: 88/0
    Authentication: Yes, status: successful, method: 802.1x, protocol: EAP-PEAP, server: ClearPass
    Authentication Servers: dot1x authserver: ClearPass, mac authserver:
    Bandwidth = No Limit
    Bandwidth = No Limit
    Role Derivation: ROLE_DERIVATION_DOT1X
    VLAN Derivation: Default VLAN