Wired Intelligent Edge (Campus Switching and Routing)

New Contributor

Wired Captive Portal and Cisco switches

Is it posible to configure wired captive portal on Aruba controller and Cisco switches? Controller is connected via trunk port-channel to cisco switch. When computer is connected to switch on port where is configured untrusted vlan it should get captive portal. Computer gets IP address from DHCP server and it has default gateway set to router. How to tunnel traffic from Cisco switch to controler on that specyfic vlan. I know there is tunnel-node on Aruba switches but how to do it on cisco?



Re: Wired Captive Portal and Cisco switches

You can do this but you need to just trunk the VLAN to the edge port on the Cisco and terminate that VLAN on the controller in an untrusted configuration.


The tunnel configuration you are asking about is for Aruba switches only...I recommend this route! :)

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
If you found my post helpful, please give kudos
Guru Elite

Re: Wired Captive Portal and Cisco switches

You could also use ClearPass "natively" with your Cisco switches for web auth/captive portal.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.

Re: Wired Captive Portal and Cisco switches

Read this for a quick summary:  https://arubanetworkskb.secure.force.com/pkb/articles/HowTo/R-1183.


In order for this to work, the controller needs to see this traffic.  You mention that your default gateway is the router; try changing that to the controller so the traffic is forced through the untrusted port.

Systems Engineer, Northeast USA

Super Contributor I

Re: Wired Captive Portal and Cisco switches

Default gateway on controller is preferred, but alternative is throwing the vlan on the Cisco switch into a GRE tunnel between switch and controller. Traffic them flows client > switch > tunnel > controller > router.
Ryan Holland, ACDX #1 ACMX #1
The Ohio State University
New Contributor

Re: Wired Captive Portal and Cisco switches

Thank you all for reply.

I don't want to change default gateway to controller so better for me will be GRE tunnels. How to configure it? I know how to untrust vlan and assign wired profile to it but I don't have clue how to make GRE tunnels between cisco and aruba and send only one vlan. Is there same kind of manual or can someone please write me some config?

MVP Expert

Re: Wired Captive Portal and Cisco switches

Funny, my boss came in this mornign and requested I figure this out for our environment.


My Cisco tunnel isn't making sense to me. (My Cisco tunnel-fu is very weak)


Anyone have a code-snippet to share?


if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it
Search Airheads
Showing results for 
Search instead for 
Did you mean: