[prev in list] [next in list] [prev in thread] [next in thread]
List: packetfence-users
Subject: [PacketFence-users] Aruba IAP - Cpative Portal
From: Jeremy Yoke via PacketFence-users <packetfence-users () lists ! sourceforge ! net>
Date: 2021-08-10 14:22:44
Message-ID: 1ba306a6fb6644dca3fe59ad97647cf2 () S-XOL-EXCH01-19 ! esterline ! net
[Download RAW message or body]
Hello All,
I have searched through the archives and see I have a similar problem, but none of \
the answers seem to help or they end in seemingly no conclusion. I have a new install \
of Packetfence 10.2 on Debian 9.13 (Stretch). I am struggling with getting the \
captive portal working in a solid manner with my IAPs (Aruba IAP-225) v6.5.4 (has a \
Virtual Controller)
The captive portal works when I use URL http://my.ip.add/Aruba , but it shows Not \
Implemented when I use http://my.ip.add/Aruba::Instant_Access With the /Aruba URL I \
am able to register and login, it unfortunately does not assign my role. In the \
auditing it says it gets no response - Reply-Message = Error - Timeout
If I disconnect and reconnect I am fully connected and the internet works as it \
should. I believe however that having to disconnect and re-connect is not an \
efficient method. I have tried with COA, without COA, With a controller IP and \
without. Deauthentication method as Blank and as RADIUS as well as several of these \
combinations. I maybe missing the right ones.
Anyone have a full write up on the configuration or fields that need to be filled on \
PF? Unfortunately the guide does not cover captive portal with Instant Access. Also \
a config for the IAP?
Switches.conf
[10.1.145.100]
group=Aruba_IAP
description=Aruba VC
[10.1.145.105]
group=Aruba_IAP
description=Operations
[group Aruba_IAP]
type=Aruba::Instant_Access
radiusSecret=mysecret
description=Aruba Wireless AP
VoIPDHCPDetect=N
defaultRole=Test
registrationRole=registration
RoleMap=Y
registrationUrl=http://10.1.145.113/Aruba::Instant_Access
guestRole=guest
ExternalPortalEnforcement=Y
guestAccessList=guest
AccessListMap=Y
registrationAccessList=registration
defaultAccessList=Test
VlanMap=N
UrlMap=Y
useCoA=N
On IAP this is what I have:
wlan access-rule registration
Some settings/rules
wlan access-rule guest
Some Settings/rules
wlan auth-server packetfencer
ip 10.1.145.113
port 1812
acctport 1813
retry-count 5
key *****************
rfc3576
cppm-rfc3576-port 5999
wlan ssid-profile Test
enable
index 3
type guest
essid Some-Guest
opmode opensystem
max-authentication-failures 0
vlan 159
auth-server packetfencer
set-role-pre-auth registration
rf-band all
captive-portal external profile packetfencep
mac-authentication
dtim-period 1
broadcast-filter arp
radius-accounting
dmo-channel-utilization-threshold 90
local-probe-req-thresh 0
max-clients-threshold 64
wlan external-captive-portal packetfencep
server 10.1.145.113
port 80
url "/Aruba"
auth-text ""
redirect-url https://www.myinternetpage.com/
auto-whitelist-disable
server-offload
Jeremy Yoke
Info Tech Manager
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic