Bienvenido a Soporte Purple

Aruba (Controller-based)

  • Actualización

Logging in

Start by logging into your Aruba Controller web interface.

WLAN

Click Configure > WLANs on the left and then click the + sign to add a new WLAN. Configure with:

Name (SSID): Guest WiFi (or whatever you wish)
Primary Usage: Guest
Forwarding Mode: Tunnel

Click Next and configure with:

VLAN: 1 (or whatever you use)

Click Next and configure with:

Is this WLAN for internal or guest? Guest

Click Next and configure with:

Captive Portal Type: ClearPass or other external Captive Portal

Under Auth servers click + then + again to create a new server. Configure with:

Server type: RADIUS
Name: guest1
IP Address: *insert radius_server here*
Auth port: 1812
Accounting port: 1813
Shared key: *insert radius_secret here*
Retype key: as above
Timeout: 5

Click Submit and then + again. Configure with:

Server type: RADIUS
Name: guest2
IP Address: *insert radius_server2 here*
Auth port: 1812
Accounting port: 1813
Shared key: *insert radius_secret here*
Retype key: as above
Timeout: 5

Click Submit and then configure the further options with:

Host addressing: IPv4
Host: *insert access_domain here*
Page: /access/

Click Next and then Next again to complete the wizard.

Firewall

Next, click Roles & Policies on the left. Select the Aliases tab and click +. Configure with:

IP Version: IPv4
Name: guestwifi

Under Items click + and add the required domains as per below. Please refer to this list.

Rule Type: Name
Domain Name: *insert domain here*

Click + again and do the same for all required domains.

Click Submit to save.

Captive Portal/RADIUS

Next, click Authentication on the left. Select the L3 Authentication tab and then click the Guest WiFi-cppm_prof entry. Configure with:

Default Role: guest
Default Guest Role: guest
Redirect Pause: 0
User Login: Enabled
Guest Login: Disabled
Logout popup window: Disabled
Use HTTP for authentication: Enabled
Logon wait minimum wait: 1
Logon wait maximum wait: 10
Authentication Protocol: PAP
Login page: *insert access_url here*
Welcome page: *insert redirect_url here*
Show Welcome page: Enabled
Add switch IP in redirection URL: Enabled
Adding APs MAC address in redirection URL: Enabled
White List: Add guestwifi from the list

Click Submit to save. Next, select the AAA Profiles tab and click on Guest WiFi-aaa_prof. Configure with:

Initial role: Guest WiFi-guest-logon
RADIUS Interim Accounting: Enabled

Click Submit to save. Next, click on the RADIUS Accounting Server Group and configure with:

RADIUS Accounting Server Group: Guest WiFi-dot1_svg

Click Submit to save. Next, select the Auth Servers tab and then All Servers > guest1. Leave all settings as they are except:

Mode: Enabled
MAC address delimiter: Dash
Station ID Type: AP MAC address
Station ID Delimiter: Dash
Include SSID: Enabled

Click Submit to save and then do the same for the guest2 server.

Finally, click Pending Changes at the top and apply changes.

Configuration Complete

The configuration is now complete.

Compartir en línea
¿Fue útil este artículo?
Usuarios a los que les pareció útil: 0 de 0