Wireless Access

last person joined: 15 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

captive portal and dest-nat

This thread has been viewed 3 times

  • 1.  captive portal and dest-nat

    Posted Apr 01, 2015 10:00 AM

    Hi all, have a need to configure guest access via CP and then dest-nat to a transparent proxy, confused in which order to put the policies.

     

    Tested proxy with a dest-nat rule and works fine but need CP first to authenticate.  

     

    Thanks



  • 2.  RE: captive portal and dest-nat

    Posted Apr 01, 2015 10:07 AM

    The Initial role on your AAA service should be the guest-logon role

    2015-04-01 10_04_27-Security User Roles.png

    2015-04-01 10_05_32-Authentication Profiles.png

     

    And then in the Captive Portal Auth Profile you define the Guest Proxy Role

    2015-04-01 10_06_59-L3 Authentication.png



  • 3.  RE: captive portal and dest-nat

    Posted Apr 01, 2015 10:08 AM

    HI,

    CP policy should be mapped to logon role at initial role ( AAA profile ) and you need to add a policy to NAT the traffic to Proxy in the role mapped as the guest-user role through CP profile.

     

    Please feel free for any further clarity on this.