Different NAC Portal Page


Userlevel 5
Hi community

I would like to configure different NAC portal pages for different locations.
I have created additional portal pages.
I have created a rule that forces the use of the new Portal page when I authenticate from a specific location but this seem intermittent.
Some users get the default portal page and other get the Custom Portal Page

What is the correct setup for this Solution?
I have attached a copy of my rules.

5 replies

Userlevel 7
Check which rule is hit = which role/portal the client get's.

If the client hit the "Client-Andre" rule he should get the custom portal - if rule "unregistered" is hit then the default portal is used.

If the problem is related that "Client-Andre" rule isn't used right-click the client in the NAC end-system tab and click > configuration evaluation tool > run evaluation ...and look why the rule isn't used.

BTW, how is your location group configured - are you using AP zone or what is your option to get the location right?

-Ron
Userlevel 7
Ron wrote:

Check which rule is hit = which role/portal the client get's.

If the client hit the "Client-Andre" rule he should get the custom portal - if rule "unregistered" is hit then the default portal is used.

If the problem is related that "Client-Andre" rule isn't used right-click the client in the NAC end-system tab and click > configuration evaluation tool > run evaluation ...and look why the rule isn't used.

BTW, how is your location group configured - are you using AP zone or what is your option to get the location right?

-Ron

...and make sure that the NAC configuration is enforced 🙂
Userlevel 7
Could it be this....
https://gtacknowledge.extremenetworks.com/articles/Solution/Landing-page-does-not-show-configured-ch...
Userlevel 7
That was new to me...

https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-configure-NAC-for-Advanced-Location...
Userlevel 5
Thx Ronald

I think I have found my problem.
Currently the V2110 and NAC is deployed in the cloud.
I have the VNS setup to return the SSID via radius attributes to the NAC.

What seems to be happening is that when a client connects the "Switch Port" in nac first displays the "Topology name" and only 10 seconds later updates this with the SSID.

So when I connect and wait a few seconds and then open a browser I receive the correct Page.
If I browse within the 10 seconds the default NAC rule applies because the location does not match.
I am going to add the topology name in the location list.

Thx
Andre

Reply