Wireless Client Disconnects After Captive Portal Registration
Anonymous
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-07-2017 01:12 PM
Hi,
This is probably a checkbox somewhere I can't find, but the symptom is that whenever a wireless client finishes the captive portal registration process for Guest Web Registration, it will disconnect the client and will not reconnect until I drop-out of the auto client pop-up, and then re-select the SSID again? It will then connect as it should and the correct NAC rule is applied prior to the disconnect?
The IP address is the same when unregistered as registered, just the registered device gets a policy that allows all, whereas the unregistered is redirect to NAC. The unregistered and registered policy both have the same contain to VLAN configuration.
The set up for the Guest VNS is B@EWC which goes out of the second eth port on the virtual wireless controller. This port is tied to an internet only vSwitch that's connected to the internet firewall and the second eth port on the NAC.
The wireless controller is running version 10.31.04.0009.
Not sure if anyone has had the same problem?
Many thanks in advance.
This is probably a checkbox somewhere I can't find, but the symptom is that whenever a wireless client finishes the captive portal registration process for Guest Web Registration, it will disconnect the client and will not reconnect until I drop-out of the auto client pop-up, and then re-select the SSID again? It will then connect as it should and the correct NAC rule is applied prior to the disconnect?
The IP address is the same when unregistered as registered, just the registered device gets a policy that allows all, whereas the unregistered is redirect to NAC. The unregistered and registered policy both have the same contain to VLAN configuration.
The set up for the Guest VNS is B@EWC which goes out of the second eth port on the virtual wireless controller. This port is tied to an internet only vSwitch that's connected to the internet firewall and the second eth port on the NAC.
The wireless controller is running version 10.31.04.0009.
Not sure if anyone has had the same problem?
Many thanks in advance.
7 REPLIES 7
Anonymous
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-08-2017 12:08 PM
Nice one.... the reason why this forums so good, even on a Sunday too!
So many great ideas, all worth checking off and the latter that did the trick - the 'redirect immediately' works for me in this particular scenario.
Many thanks for all the support and all the knowledgeable posts.
So many great ideas, all worth checking off and the latter that did the trick - the 'redirect immediately' works for me in this particular scenario.
Many thanks for all the support and all the knowledgeable posts.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-08-2017 11:58 AM
Does the client have connectivity to the NAC once it's moved into the Guest Registration role?
When the client is at the "Network Registration in progress" page it's continuously attempting to contact the NAC. Once it's been re-authenticated, and it contacts the NAC, NAC will run it through a rules evaluation to confirm the transition has occurred and then will send the registration success page.
If the client doesn't have http/https connectivity to NAC after transition this will not occur and the client will be stuck at Registration in Progress.
You can also try the captive portal "Redirect immediately" option in the NAC Captive portal "Network Settings" section. This makes it so instead of contacting the NAC it will try to hit the googlefav icon site configured, and once it can get out it will skip the "registration success" page and hit either the URL configured, or URL from the client, depending on what you have configured.
Thanks
-Ryan
When the client is at the "Network Registration in progress" page it's continuously attempting to contact the NAC. Once it's been re-authenticated, and it contacts the NAC, NAC will run it through a rules evaluation to confirm the transition has occurred and then will send the registration success page.
If the client doesn't have http/https connectivity to NAC after transition this will not occur and the client will be stuck at Registration in Progress.
You can also try the captive portal "Redirect immediately" option in the NAC Captive portal "Network Settings" section. This makes it so instead of contacting the NAC it will try to hit the googlefav icon site configured, and once it can get out it will skip the "registration success" page and hit either the URL configured, or URL from the client, depending on what you have configured.
Thanks
-Ryan
Anonymous
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-08-2017 10:04 AM
Hi,
Just to let you know inter-wlan roaming was enabled but it didn't unfortunately resolve the issue when disabled.
When going through the registration process, the moment you select the 'Complete Registration' you can see the end-system in NAC change immediately to the new rule with the allow policy.
I had been using the AutoLogin client, which just gets you as far as displaying "Network Registration In Progress", and you never get the WiFi bars until you drop out and then re-select the SSID.
I turned off AutoLogin and get exactly the same thing, where your stuck at 'Network Registration in Progress' but this time you have the WiFi bars. If you then put in google it will go there.
So I don't think the problem now is the fact that it is perhaps getting a disconnect, it might be to do with the fact the Guest Device is essentially connected to a network complete separate from the internal network (eth1 on EWC) and some communication isn't happening between the guest wireless device and NAC possibly?
Just to let you know inter-wlan roaming was enabled but it didn't unfortunately resolve the issue when disabled.
When going through the registration process, the moment you select the 'Complete Registration' you can see the end-system in NAC change immediately to the new rule with the allow policy.
I had been using the AutoLogin client, which just gets you as far as displaying "Network Registration In Progress", and you never get the WiFi bars until you drop out and then re-select the SSID.
I turned off AutoLogin and get exactly the same thing, where your stuck at 'Network Registration in Progress' but this time you have the WiFi bars. If you then put in google it will go there.
So I don't think the problem now is the fact that it is perhaps getting a disconnect, it might be to do with the fact the Guest Device is essentially connected to a network complete separate from the internal network (eth1 on EWC) and some communication isn't happening between the guest wireless device and NAC possibly?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎10-08-2017 09:36 AM
Can you check if you hava inter-wlan roaming enabled..if yes disable it. So that the new policy can take place without new association. Rgds Umut