New Contributor

Some (authenticated) 802.1x users are being redirected to a captive portal

A few of our wireless users are seeing this message throughout the day on our authenticated WiFi SSID. Does anyone know why this might be happening?

From a security point of view, if someone is successfully connected via 802.1x why would they suddenly be dropped into a logon role? The default role for our employee SSID is "authenticated".

Screen Shot 2019-07-02 at 1.42.02 PM.png

Guru Elite

Re: Some (authenticated) 802.1x users are being redirected to a captive portal

Find out what role those users are ending up in and why.


Type "show user-table ip <ip address of user>"


The output will tell you how the user obtained that vlan and role:


Name: employee IP:, MAC: 3c:28:6d:05:c2:c9, Age: 00:00:27
Role: authenticated (how: ROLE_DERIVATION_DOT1X), ACL: 88/0
Authentication: Yes, status: successful, method: 802.1x, protocol: EAP-PEAP, server: ClearPass
Authentication Servers: dot1x authserver: ClearPass, mac authserver:
Bandwidth = No Limit
Bandwidth = No Limit
VLAN Derivation: Default VLAN

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Search Airheads
Showing results for 
Search instead for 
Did you mean: