Wireless Access

last person joined: 12 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Roaming guest authentication without captive portal

This thread has been viewed 0 times

  • 1.  Roaming guest authentication without captive portal

    Posted Nov 08, 2013 03:36 PM

    I have a client that would like to roam from location to location and not have to reauthenticate with the captive portal. Unfotunately, not all my locations terminate to the same WLAN controller and therefore even though they are within the User Idle Timeout period, when they connect to the guest SSID, it presents them with the captive portal page. I'm hoping there might be a way where there iOS device remembers their credentials and seemlessly in the background pass those credentials through without having the captive portal page come up. I guess what the real question is, can there be other method of a guest client authenticating with Internal DB user credentials without it being via the captive portal.

     

    Regards,

    Tony Marques



  • 2.  RE: Roaming guest authentication without captive portal

    EMPLOYEE
    Posted Nov 08, 2013 03:39 PM
    Do you have ClearPass? It has a feature called MAC caching that will bypass
    the captive portal for previously authenticated clients for a specified
    amount of time.


  • 3.  RE: Roaming guest authentication without captive portal

    Posted Nov 08, 2013 03:42 PM

    Unfortunately, we do not. We haven't yet invested in a NAC or anything similar to that.



  • 4.  RE: Roaming guest authentication without captive portal

    EMPLOYEE
    Posted Nov 09, 2013 03:32 PM

    Unfortunately, without using 802.1x or a guest management system such as ClearPass, there is no way for the device to cache captive portal credentials across controllers.



  • 5.  RE: Roaming guest authentication without captive portal

    Posted Nov 11, 2013 11:35 AM

    Can the controller be configured to accept local user login credentials without a captive portal? If I can get a guest be prompted to loging with a captive portal I would play around with that and see if I can get to the ultimate goal.

     

    Regards,

    Tony Marques



  • 6.  RE: Roaming guest authentication without captive portal

    Posted Nov 11, 2013 11:36 AM

    Sorry I meant to say, if I can get a guest to be prompted to login with a captive portal spalsh page I can do some testing with that.



  • 7.  RE: Roaming guest authentication without captive portal

    Posted Nov 11, 2013 11:37 AM

    Sorry did it again. WITHOUT a captive portal. :smileyfrustrated::smileyfrustrated:



  • 8.  RE: Roaming guest authentication without captive portal

    Posted Nov 11, 2013 02:49 PM

    I found documentation on how to terminate 802.1x authentication on the controller and that is worknig for me. Thanks for the assistnace.



  • 9.  RE: Roaming guest authentication without captive portal

    EMPLOYEE
    Posted Nov 11, 2013 04:15 PM

    The only way would be using 802.1x, or a WPA2-PSK network.  Your challenge with those is that you have to give guest users instructions.  For most, it is a reasonable expectation if they encounter a new site that they be required to login to the Captive Portal..