clearpass with wlc captive portal
02-20-2018 09:07 AM
I really need your help with an issue with clearpass captive portal.
I have a movility controller 7010 and a clearpass 6.7, when i use guest with a internal captive portal all work fine, but when i use ClearPass the portal page it launch good, the formulary of self registration work fine too, but in the last step when I put login doesn't pass the authentication and stays on the same page.
In the clearpass side i have configure the folowing:
- NETWORK DEVICE: ip controller and radius credential with coa 3799
- SERVICE: guest access service generic radius with the value of the SSID, authentication, PAP, MSCHAP, CHAP, eappeap, and authorization, user user repository and local user repository. role and enforcemnt by default.
the guest module of the clearpass has the self-registration page and i think is fine because i have a instant with external captive portal and uses the same page and work without problem.
In the controller side.
. the initial role i think that is fine because the login page is showing and the guest get a ip adress with dns, here i put the correct captive portal profile.
- the captive portal profile has the login page of cleapass that is fine too, and the default role is guest (default), also here i have the server group with the clearpass radius with the clearpass IP and radius credential and the username and password of clearpass (api admin)
- in the aaa profile i have select the correct initial role and the rfc 3576 with the clearpass ip address and radius credential
- In the vap i have select the correct aaa profile and in the ssid profile is none and open.
I followed the steps that i think are fine, but don't work.
Please any suggestions ?, think that with instant cluster work fine , with the same clearpass page but with other service that is identical to the other, only change the ssid value and the network device.