Hi.
May be you can help me.
I have follow a step by step from this link " https://community.arubanetworks.com/aruba/attachments/aruba/aaa-nac-guest-access-byod/28470/1/Howto%20wired%20Cisco%20MAC%20Caching%20(EN).pdf " for make a cisco wired captive portal, the redirect url work fine, i can open the captive portal, but when i put the credential (user/pass), clearpass puts me back to captive portal role again
I have configured two service a web auth and a raidus mac auth,
here are the services, policy and profiles
web auth service and profiles
mac auth services and profiles
access tracker log,
first mac auth
web auth user pass acepted
Captive portal enforcement again
switch config
aaa new-model
!
!
aaa authentication dot1x default group radius
aaa authorization exec default local group radius
aaa authorization network default group radius
aaa accounting dot1x default start-stop group radius
!
!
aaa server radius dynamic-author
client 172.31.237.251 server-key xxxxxxxx
port 3799
auth-type all
ip dhcp snooping
ip device tracking
dot1x system-auth-control
interface FastEthernet0/1
switchport access vlan 102
switchport mode access
authentication host-mode multi-auth
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication violation protect
mab
dot1x pae authenticator
dot1x timeout server-timeout 30
dot1x timeout tx-period 10
dot1x max-req 3
dot1x max-reauth-req 3
spanning-tree portfast
ip http server
ip http secure-server
ip access-list extended ACL-guest
permit udp any any eq domain
deny ip any 10.0.0.0 0.255.255.255
deny ip any host 172.31.236.1
permit ip any any
ip access-list extended cisco-wired-guest-acl
deny tcp any host 172.31.237.251
permit tcp any any
radius-server attribute 11 default direction in
radius-server vsa send authentication
!
radius server clearpass
address ipv4 172.31.237.251 auth-port 1645 acct-port 1646
key xxxxxxx