Wireless Access

Reply
Frequent Contributor I

Roaming guest authentication without captive portal

I have a client that would like to roam from location to location and not have to reauthenticate with the captive portal. Unfotunately, not all my locations terminate to the same WLAN controller and therefore even though they are within the User Idle Timeout period, when they connect to the guest SSID, it presents them with the captive portal page. I'm hoping there might be a way where there iOS device remembers their credentials and seemlessly in the background pass those credentials through without having the captive portal page come up. I guess what the real question is, can there be other method of a guest client authenticating with Internal DB user credentials without it being via the captive portal.

 

Regards,

Tony Marques

Guru Elite

Re: Roaming guest authentication without captive portal

Do you have ClearPass? It has a feature called MAC caching that will bypass
the captive portal for previously authenticated clients for a specified
amount of time.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor I

Re: Roaming guest authentication without captive portal

Unfortunately, we do not. We haven't yet invested in a NAC or anything similar to that.

Guru Elite

Re: Roaming guest authentication without captive portal

Unfortunately, without using 802.1x or a guest management system such as ClearPass, there is no way for the device to cache captive portal credentials across controllers.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor I

Re: Roaming guest authentication without captive portal

Can the controller be configured to accept local user login credentials without a captive portal? If I can get a guest be prompted to loging with a captive portal I would play around with that and see if I can get to the ultimate goal.

 

Regards,

Tony Marques

Frequent Contributor I

Re: Roaming guest authentication without captive portal

Sorry I meant to say, if I can get a guest to be prompted to login with a captive portal spalsh page I can do some testing with that.

Frequent Contributor I

Re: Roaming guest authentication without captive portal

Sorry did it again. WITHOUT a captive portal. :smileyfrustrated::smileyfrustrated:

Frequent Contributor I

Re: Roaming guest authentication without captive portal

I found documentation on how to terminate 802.1x authentication on the controller and that is worknig for me. Thanks for the assistnace.

Guru Elite

Re: Roaming guest authentication without captive portal

The only way would be using 802.1x, or a WPA2-PSK network.  Your challenge with those is that you have to give guest users instructions.  For most, it is a reasonable expectation if they encounter a new site that they be required to login to the Captive Portal..


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: