Wireless Access

Reply
Highlighted
Contributor II

Re: VPN problems

I'm confused though because I assigned the auth-guest role to the CP profile for the "Default Role" but I see that there's a "Default Guest Role" there as well with "guest" as the default setting. It seems that this role is what is being applied to the users. What's the difference between the two?

Highlighted
Guru Elite

Re: VPN problems


@arubamonkey wrote:

I'm confused though. I assigned the auth-guest role to the Captive Portal default role but there's also a "default guest role" there with "guest" as the default setting. What's the difference between the two?



The Captive Portal default role is the role users get when they authenticate with a username and password, UNLESS the server group attached to the captive portal authentication profile has the server derivation rule has "set role condition Role value-of" which means "take the role that the user is assigned in the local database and override the Captive Portal default role.  The default guest role is what the user is assigned if the captive portal authentication is "email address only".

 

In recap:

 

- Captive Portal users who authenticate with username and password get the Captive Portal default role, unless that user derviation rule in the server group, which would mean they get the role assigned in the local database instead.

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Contributor II

Re: VPN problems

Well, the users I have are using accounts created using the guest provisioning page, so yes, they have to login with a username and password. This means that they should get the auth-guest role as that's what I have assigned under "Default Role" in the CP profile no the guest role under the "Default Guest Role". I don't know where this "email address only" option is.

Highlighted
Guru Elite

Re: VPN problems

But, in the local user database, the user has a role of guest, so combined with that "set role condition Role value-of" server derivation rule (In the Default Server Group), the role becomes guest.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Contributor II

Re: VPN problems

Where's this local user database where the role is guest?

Highlighted
Guru Elite

Re: VPN problems

Type "show local-userdb" and you will see it.  Please also consult our guest Validated Reference Design for many more details on guest access here:  http://www.arubanetworks.com/pdf/technology/AOS_GuestAcccess-AppNote.pdf 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Contributor II

Re: VPN problems

Ah! So you're telling me that when a guest account is created using the guest provisioning page, it is assigned an automatic role of "guest"? Is there a way to change this?

Highlighted
Guru Elite

Re: VPN problems


@arubamonkey wrote:

Ah! So you're telling me that when a guest account is created using the guest provisioning page, it is assigned an automatic role of "guest"? Is there a way to change this?


Yes, it is.  It cannot be changed.

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Occasional Contributor II

Re: VPN problems

Was your VPN prolem resolved?????

 

I am having same Issue, My controll running on IOS 5.0.3.3.

 

Guest user can not able to Loging to thier outside VPN.

 

Please provide me detail information, if anybody resolve this issue....

 

 

Highlighted
Guru Elite

Re: VPN problems

jnlimbachia,

 

What VPN are your guests using?  What is your perimeter firewall?  Are you allowing VPN traffic in your guest role?

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: