This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Open Captive Web Portal for Private PSK - Default User Profile

Open Captive Web Portal for Private PSK - Default User Profile

Go to solution
george_margarit
New Contributor

‎07-15-2019 09:50 PM

Captive Web Portal with Return Aerohive Private PSK, sets Default User Profile to "default-profile".

However, "default-profile" has no firewall policies, allowing users to directly connect to the network.

 

Is it possible to configure a different User Profile, so we can apply the default firewall policy "Redirect-Only"?

This is possible with all other CWP options, but is overwritten when PPSK is selected.

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
ashley_finch
Contributor III

‎07-16-2019 11:11 AM

Ah yes I see exactly what you mean now, I was looking on the PPSK rather than the Registration SSID, I see the same on the Cloud version of HiveManager.

I'm not sure as to why these options become unavailable so I'll leave that for Aerohive...

 

The only thing I can think of that may help is that if it is using the default user profile from the PPSK SSID, are you able to change this to a specific VLAN, security policies etc, and then apply a different profile for users when they actually receive a PPSK such as this?:

4b2a56e39b5c4692835d888d2e917493_0690c000008fydpAAA.png

View solution in original post

0 Kudos
8 REPLIES 8

Go to solution
george_margarit
New Contributor

‎07-16-2019 11:15 AM

Unfortunately, not.

"This is a default object and cannot be modified."

 

b37fa630d4ac45c7a7ae414ffc2091fd_0690c000008fye9AAA.png

0 Kudos

Go to solution
ashley_finch
Contributor III

‎07-16-2019 11:11 AM

Ah yes I see exactly what you mean now, I was looking on the PPSK rather than the Registration SSID, I see the same on the Cloud version of HiveManager.

I'm not sure as to why these options become unavailable so I'll leave that for Aerohive...

 

The only thing I can think of that may help is that if it is using the default user profile from the PPSK SSID, are you able to change this to a specific VLAN, security policies etc, and then apply a different profile for users when they actually receive a PPSK such as this?:

4b2a56e39b5c4692835d888d2e917493_0690c000008fydpAAA.png

0 Kudos

Go to solution
george_margarit
New Contributor

‎07-16-2019 11:11 AM

Hello Ashley, and thanks for coming back to me.

 

 

 

I have followed this guide, but it doesn't answer the problem.

 

The issue can be notices on the User profiles sections, as being used by the self-registration SSID:

c39450bf0be14bfba29fd5979455d67b_0690c000008fydaAAA.png

 

Actually, it goes away, the minute I select CWP

 

Before Selecting "Return Aerohive Private PSK:

 

openSSID-before

.. and after selecting Return PPSK, the option to select user profile is gone:

openSSID-after

 

 

In reality, users end up on the PPSK SSID user profile and not the default, as i can see they are getting an IP address on the subnet of the PPSK SSID.

 

 

 

Even worse, without being able to have a specific User Profile and VLAN for the Open SSID, I cannot enforce any security policies and the users, can actually access anything apart from HTTP/HTTPS, as for example they can establish a VPN...

 

 

 

we are on 19.5.1.7-NGVA

0 Kudos

Go to solution
ashley_finch
Contributor III

‎07-16-2019 10:42 AM

Hello George,

 

Yes this should be possible. I can't quite work out where you're seeing the user profile overwritten when the PPSK option is selected however. For instance I have an Open SSID for self reg, then a PPSK SSID with different user profiles associated with it.

 

This guide may help: https://thehivecommunity.aerohive.com/s/article/Self-Registration-PPSK-SSID-in-Hivemanager

0 Kudos
GTM-P2G8KFN