Wireless Access

last person joined: 20 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

guest network design

This thread has been viewed 7 times

  • 1.  guest network design

    Posted Jun 14, 2012 10:58 AM
    Can someone point me to a vrd for a guest network design with clear pass guest... are people putting clear pass guest into dmz or internally? The vrd I have read seems to suggest internally


  • 2.  RE: guest network design

    Posted Jun 26, 2012 09:32 AM

    Hi there,

    i've just posted a scenario using IAP's and a ClearPass using external Captive Portal.

    Hopefully i will get some support on why my deployment doesnt work.

    Check back later for the answers.

    link here: http://community.arubanetworks.com/t5/Access-Points-and-Mesh-Routers/IAP-105-and-new-Clearpass-Captive-portal-issues/m-p/38242



  • 3.  RE: guest network design

    Posted Jun 26, 2012 09:39 AM

    Hi john,

     

     

    I am a begineer, but out of curiousity do you do a source nat on your guest machines IP when they call out to the captive portal?  There was a lot of detail in your post and I wasn't sure if I missed that?  AFAIK the guest machine needs to connect directly to clearpass guest - much like if the guest was accessing a webserver.  So if you are unauthenticated and you had ping open you should be able to ping etc , but VRDs I have read only suggest DNS, DHCP, HTTP (to clearpass) HTTPS (to clearpass) of course

     

    Good luck!

     

    Cheers



  • 4.  RE: guest network design

    Posted Jun 26, 2012 09:56 AM

    Hi there, you are correct. On the ArubaOS based controllers i can redirect all traffic to the CP device, correct.

    On the IAP, your options are somewhat limited ;) thanks for the heads up tho.