Link Search Menu Expand Document
Table of contents

Appendix A: How to Find ClearPass Details for the Visitor WLAN

This section outlines the procedure to collect captive portal information and VRRP VIP information from ClearPass Policy Manager that is needed to configure Visitor WLAN.

Find the Captive Portal Information

Step 1 Open a new browser tab, connect to one of the ClearPass servers, and login to ClearPass Guest with administrator credentials.

Step 2 From the left navigation menu, select Configuration, use the + sign to expand Pages, and then select Web Logins.

Step 3 Select the name of the already configured Web Login and then click Edit.

Step 4 Copy and store for later use the values found in Page Name and Address.

Step 5 Using the Menu at the up right, select Logout.

CAUTION:
Some legacy versions of AOS8 use a certificate with the name of securelogin.arubanetworks.com. All versions of AOS released since 2020 now use a certificate with the name securelogin.hpe.com. If this is a mixed environment where the legacy certificate is still in use, you may need to clone/duplicate the page to use another certificate. It is best practice to replace the certificate with a publicly signed one. If the certificate is replaced this issue is avoided but the Address in the web login will need to reflect the Common Name (CN) assigned to the certificate when it was issued.
NOTE:
This procedure uses the default certificate. It is best practice to replace the certificate with a publicly signed one. See the caution section above.

Find the ClearPass VRRP VIP

When following best practices and using more than one ClearPass Server for network authentication, the captive portal address or hostname in the WLAN Access Policy must be the VRRP address of the ClearPass servers. The following procedure shows how to find the VRRP address in ClearPass Policy Manager.

Step 1 Open a new browser tab, connect to one of the ClearPass servers, and login to ClearPass Policy Manager with administrator credentials.

Step 2 From the left navigation menu, select Administration, use the + sign to expand Server Manager, and then select Server Configuration.

Step 3 On the Server Configuration page in the top right, select Virtual IP Settings.

Step 4 From the Virtual IP Settings page, observe and record the Virtual IP configured for the CPPM cluster.

Step 5 Use nslookup or other operating system specific mechanism to confirm that the above Virtual IP address has a resolvable host name and use the host name in the Captive Portal Profile: IP or Hostname: field when configuring a WLAN for captive portal authentication.


Back to top

© Copyright 2021 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go to Aruba EULA.