Dell PowerConnect W Clearpass 100 Software ArubaOS Integration Guide - Page 25

Amigopod and ArubaOS Integration Application Note Enable Captive Portal on Initial Role of Captive Portal Profile In the previous step, the initial role for this captive portal authentication configuration is configured as guest-logon. This role must be modified to enable the newly created Amigopod captive portal profile. If you forget this step, the captive portal is not triggered when a new guest connects to the guest Wi-Fi SSID. Also, the amigopod policy must be added to the initial role to ensure that traffic from the unauthenticated guest users can be redirected successfully to the Amigopod web login page. If these policies are not in place, the controller attempts to redirect the browser session to the Amigopod web login URL defined in your captive portal profile. This attempt fails because the default captiveportal policy is matched for http traffic. The session will consequently be redirected a second, third, and fourth time, in an endless loop. The result is a "too many redirects" error message or a browser that keeps flicking between the controller and Amigopod web login URL. NOTE The amigopod policy must be placed in position 1 of the access list to ensure that it is processed first. Captive Portal Logon Role Configuration user-role "guest-logon" access-list session "amigopod" position 1 access-list session "captiveportal" position 2 access-list session "guest-logon-access" position 3 access-list session "block-internal-access" position 4 access-list session "v6-logon-control" position 5 access-list session "captiveportal6" position 6 captive-portal "guestnet" Aruba Networks, Inc. Figure 15 Captive portal logon role configuration ArubaOS Configuration | 25