Dell PowerConnect W Clearpass 100 Software ArubaOS Integration Guide - Page 11

When the session ends Session-Timeout, Idle-Timeout, User Logout, Admin Disconnect,

Get Dell PowerConnect W Clearpass 100 Software PDF manuals and user guides View all Dell PowerConnect W Clearpass 100 Software manuals
Add to My Manuals
Save this manual to your list of manuals

Page 11 highlights

Amigopod and ArubaOS Integration Application Note 4. The login message instructs the guest user's browser to submit the user credentials directly to the Aruba controller as a HTTPS POST for authentication processing. 5. When the Aruba controller receives the user credentials, it creates a corresponding RADIUS session and sends an Access-Request message to the defined Amigopod RADIUS server. 6. The Amigopod processes the Access-Request message by referring to its local database and optionally any configured proxy authentication servers defined. Any defined authorization rules are processed at this point. 7. Based on the results of the authentication and authorization processing, the Amigopod responds with either an Access-Accept or Access-Reject message. If the authentication is successful, the Access-Accept message contains one or more RADIUS attributes to define the context of the guest user session. These attributes can include but are not limited to the session duration of the guest login and the Aruba controller user role that defines the PEF policies and bandwidth contracts that could be applied to the session. When the Aruba controller receives the AccessAccept message, it changes the role of the guest user session and their device is permitted access to the network. 8. If RADIUS accounting has been configured correctly on the Aruba controller, an AccountingStart packet is sent to the Amigopod, which defines the beginning of the session statistics for the guest user. 9. Based on the default interval of [600 seconds] the Aruba controller will provide updates to these session statistics by sending Interim Accounting update messages to the Amigopod. 10.Based on the Session-Timeout received in the original Access-Accept packet from Amigopod, the Aruba controller counts down the remaining time that is valid for the current guest user session. When the time has expired, the controller terminates the session. 11.When the session ends (Session-Timeout, Idle-Timeout, User Logout, Admin Disconnect), the controller sends a RADIUS Accounting-Stop message to close the session within the Amigopod accounting database. This stop message includes the final update of the session statistics. Aruba Networks, Inc. Captive Portal Authentication | 11

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
Aruba Networks, Inc.
Captive Portal Authentication
|
11
Amigopod and ArubaOS Integration
Application Note
4. The login message instructs the guest user’s browser to submit the user credentials directly to
the Aruba controller as a HTTPS POST for authentication processing.
5. When the Aruba controller receives the user credentials, it creates a corresponding RADIUS
session and sends an Access-Request message to the defined Amigopod RADIUS server.
6. The Amigopod processes the Access-Request message by referring to its local database and
optionally any configured proxy authentication servers defined. Any defined authorization rules
are processed at this point.
7.
Based on the results of the authentication and authorization processing, the Amigopod responds
with either an Access-Accept or Access-Reject message. If the authentication is successful, the
Access-Accept message contains one or more RADIUS attributes to define the context of the
guest user session. These attributes can include but are not limited to the session duration of the
guest login and the Aruba controller user role that defines the PEF policies and bandwidth
contracts that could be applied to the session. When the Aruba controller receives the Access-
Accept message, it changes the role of the guest user session and their device is permitted
access to the network.
8. If RADIUS accounting has been configured correctly on the Aruba controller, an Accounting-
Start packet is sent to the Amigopod, which defines the beginning of the session statistics for the
guest user.
9. Based on the default interval of [600 seconds] the Aruba controller will provide updates to these
session statistics by sending Interim Accounting update messages to the Amigopod.
10.Based on the Session-Timeout received in the original Access-Accept packet from Amigopod,
the Aruba controller counts down the remaining time that is valid for the current guest user
session. When the time has expired, the controller terminates the session.
11.When the session ends (Session-Timeout, Idle-Timeout, User Logout, Admin Disconnect), the
controller sends a RADIUS Accounting-Stop message to close the session within the Amigopod
accounting database. This stop message includes the final update of the session statistics.