Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Guest Wireless Design

This thread has been viewed 8 times

  • 1.  Guest Wireless Design

    Posted Feb 24, 2020 01:04 PM

    Hi all,

     

    I'm just making sure I've designed this implementation correctly. My site has a guest vlan that is not routed internally in anyway. It only grants users access to the external net. To implement a guest wireless network, I need to be able to have my guest users authenticate via a captive portal. To make this portal available on a isolated network, I'd need to make the controller publicly available, right? in my mind the workflow should operate like this:

     

    User connects to guest network -> controller redirects to guest captive portal -> redirect sends them to public DNS/IP of controller (mycontroller.contoso.com) -> controller forwards request to CPPM -> CPPM returns captive portal back to client -> client authenticates against captive portal 

     

    Does this make sense or am I going off the rails?  



  • 2.  RE: Guest Wireless Design

    MVP GURU
    Posted Feb 24, 2020 01:12 PM

    The client would have to directly interact over HTTPS to CPPM for the captive portal page. You could control access form the controller via a logon role, or at the firewall level. The controller would also need to have a L3 interface in the guest network in order to perform the captive portal redirect.



  • 3.  RE: Guest Wireless Design

    Posted Feb 24, 2020 01:47 PM

    ok so in my scenario I'd be exposing CPPM to the external net, not the controller?