Wireless Access

Reply
Highlighted
Guru Elite

Re: APs in Bridge Mode and external server (ClearPass) for Captive Portal authentication?

You would deploy Instant APs at that site.  They do not require a controller and would support your use case.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Guru Elite

Re: APs in Bridge Mode and external server (ClearPass) for Captive Portal authentication?

To be clear, Aruba sells UAPs or Universal APs that support either mode (Instant or Campus), so you can support either use case with the same hardware.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Frequent Contributor II

Re: APs in Bridge Mode and external server (ClearPass) for Captive Portal authentication?

Sure, then we lose mobility master, live upgrade, and all those campus AP features. We are evaluating Central for remote sites and IAPs, so that would really be a requirement then for this use case. 

 

Also, when I configured an AP in wired bridge mode (in MM), i get a warning: "802.1X and Captive portal authentication is not supported in wired Bridge mode". However I do not see the 802.1x limitation listed in the 8.3 user guide under 'forwarding mode features not supported', and i also just tested it with 802.1x auth and it worked fine. Is that a bogus warning message (for 802.1x) in the MM UI? Or is that referencing 802.1x specifically for captive portal/CoA?

Highlighted
Frequent Contributor II

Re: APs in Bridge Mode and external server (ClearPass) for Captive Portal authentication?

One more related question, what if the AP is in 'wired bridge mode' (for example a mesh AP supporting point to point bridge), but then I add our Guest WLAN that is set for Tunneled mode onto that AP. Does that also break captive portal, or as long as the WLAN is in Tunneled mode, it will work?

Highlighted
Occasional Contributor II

Re: APs in Bridge Mode and external server (ClearPass) for Captive Portal authentication?

Hi,

I always wanted to test this, but haven't so dont know yet if it does. Some things to maybe look at, if your Clearpass or portal is central, you need to make sure there is full routing between the client and captive portal when doing bridge mode. Perhaps look at split tunnel aswell, redirect to portal using tunnel all else local. I will be setting up a test lab soon to test this. Will share the outcome.

Get Outlook for Android
Highlighted
Guru Elite

Re: APs in Bridge Mode and external server (ClearPass) for Captive Portal authentication?


@cm119 wrote:

One more related question, what if the AP is in 'wired bridge mode' (for example a mesh AP supporting point to point bridge), but then I add our Guest WLAN that is set for Tunneled mode onto that AP. Does that also break captive portal, or as long as the WLAN is in Tunneled mode, it will work?


As long as the SSID is tunneled, Captive Portal should work.  It is discouraged from supporting clients on the mesh radio, however.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: