I have followed this http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-redirect-guest-access-across-a-GRE-tunnel-to-a-DMZ/ta-p/183468 docs to configure DMZ for guest controller,
Here we are using master controller as auth server. Is there a way we can use DMZ controller as auth server ?
I cannot open that link. You can make the DMZ controller do the authentication by making that side of the tunnel untrusted. The benefit of making the controller that the AP terminates on authenticate the user is that the association and authentication table will have to user on the correct AP, authenticated with the correct name. If you have the DMZ controller authenticate users, you cannot really track what AP that user is on.
Any users that pass through the "untrusted" side of the tunnel will end up in the logon role on the DMZ controller. That means you need to create a captive portal authentication profile and edit the "logon" role to have that captive portal authentication profile on the DMZ controller.
Please see the post here: http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-do-I-redirect-guest-access-across-a-GRE-tunnel-to-a-DMZ/ta-p/183468
Start reading "Configure the DMZ Controller". *The configuration for the DMZ controller has it natting the user traffic, but that is optional*
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.