Hi Extreme experts,
I have a question regarding (Firewall friendly) External Captive Portal Redirection.
First my goal:
I need to integrate the Extreme Wireless Controller into an external Captive Portal System.
- The Portal System first needs a MAC Authentication Request via RADIUS (like Extreme NAC) - which is accepted.
- The Portal expects a URL-Request: "https://:8443/ahsfasdzfgfaszdfd&mac=00-11-22-33-44-55" where 00-11-22-33-44-55 is the MAC of the Client.
The Extreme Wireless Controller should do the following:
1) Send MAC Authentication Request to Portal-System
2) Redirect any HTTP/HTTPS request to "https://:8443/ahsfasdzfgfaszdfd&mac=00-11-22-33-44-55"
3) After successfull authentication the Role of the client should be changed via RADIUS-CoA.
What I tried is the Firewall Friendly External Captive Portal with the following settings:
But unfortunately that configuration does not work.
1) If MAC Authentication is enabled no redirection is performed (The return Policy role is identical to the Unauthenticated Role in VNS settings). If I disable the MAC Authentication on the WLAN Service URL-Redirection is performed but with unexpected attributes:
Is there any way to disable the unwanted attributes dst, token and wlan?
How can I perform MAC Authentication and Redirection?
Any ideas?
Best Regards
Michael
I have a question regarding (Firewall friendly) External Captive Portal Redirection.
First my goal:
I need to integrate the Extreme Wireless Controller into an external Captive Portal System.
- The Portal System first needs a MAC Authentication Request via RADIUS (like Extreme NAC) - which is accepted.
- The Portal expects a URL-Request: "https://:8443/ahsfasdzfgfaszdfd&mac=00-11-22-33-44-55" where 00-11-22-33-44-55 is the MAC of the Client.
The Extreme Wireless Controller should do the following:
1) Send MAC Authentication Request to Portal-System
2) Redirect any HTTP/HTTPS request to "https://:8443/ahsfasdzfgfaszdfd&mac=00-11-22-33-44-55"
3) After successfull authentication the Role of the client should be changed via RADIUS-CoA.
What I tried is the Firewall Friendly External Captive Portal with the following settings:
But unfortunately that configuration does not work.
1) If MAC Authentication is enabled no redirection is performed (The return Policy role is identical to the Unauthenticated Role in VNS settings). If I disable the MAC Authentication on the WLAN Service URL-Redirection is performed but with unexpected attributes:
Is there any way to disable the unwanted attributes dst, token and wlan?
How can I perform MAC Authentication and Redirection?
Any ideas?
Best Regards
Michael
You are very welcome. I just had a thought. Is this a virtual controller or a physical controller?
The reason I ask is, now that I am thinking about it I had a similar issue with guest in the past. it ended up being the port group security on the VSwitch in VMWare. If it is indeed a virtual controller and in VMWare, can you verify that the security settings look like this for that particular port group?
Otherwise, VMWare won't let the MAC through
The reason I ask is, now that I am thinking about it I had a similar issue with guest in the past. it ended up being the port group security on the VSwitch in VMWare. If it is indeed a virtual controller and in VMWare, can you verify that the security settings look like this for that particular port group?
Otherwise, VMWare won't let the MAC through
