Meraki wireless with Clearpass captive portal and radius

AniketAlashe
New here

Hello,

We have a customer using Aruba wireless with CPPM. The CPPM provides the sign-on portal and RADIUS server capabilities. Users connecting to the wireless network are redirected to the CPPM captive portal to enter their credentials. These credentials are then validated against the Azure AD database and the user is allowed access to the network if the user authentication is successful.

We are deploying Meraki APs in a different location for the user and need to enable similar access control using the CPPM hosted portal and RADIUS functionality.

Note: this is not for guests.

Have tried multiple options, but can’t get it to work. Appreciate any help here…

GIdenJoe
Kind of a big deal

In your other deployments are you letting the RADIUS server directly speak to the APs to send the access-accept? Or are you merely allowing access to the web portal with a reauthentication after successful login on the page?

On the access control page for the SSID you will need to choose the L2 authentication first, which probably will be Open or Opportunistic Wireless Encryption.
For the L3 authentication you should be using Login using my radius server.
Then add the RADIUS servers with their ports and shared secrets.

Make sure to add the IPs of the webserver hosting the login page to the walled garden.

Then go to Wireless -> Splash page and select custom splash url.

DNS and DHCP should normally be allowed through, so you should at least see the login page after connection if you added the IPs to the walled garden.
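
An offline pre-flight check for the settings listed in the reply above, as an added example that is not part of the original post and not Meraki or ClearPass tooling. The dictionary keys, `check_ssid`, the addresses and the hostname are constructed for illustration; they are not Dashboard field names.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed sample settings; key names are this example's own, not Dashboard fields.
SSID = {
    "l2_auth": "open",                     # Open or OWE, as in the reply
    "l3_auth": "radius-splash",            # sign-on against my RADIUS server
    "radius_servers": [{"host": "192.0.2.10", "port": 1812, "secret": "example-secret"}],
    "walled_garden": ["192.0.2.10/32"],    # assumed to hold IPs/CIDRs only
    "splash_url": "https://portal.example.com/login",
}
# Constructed stand-in for DNS so the check runs offline.
PORTAL_IPS = {"portal.example.com": ["192.0.2.10", "192.0.2.11"]}


def check_ssid(ssid, resolved):
    """Return the problems that would stop clients reaching or using the portal."""
    problems = []
    if ssid.get("l2_auth") not in ("open", "owe"):
        problems.append("L2 authentication is not Open or OWE")
    if ssid.get("l3_auth") != "radius-splash":
        problems.append("L3 authentication is not sign-on with a RADIUS server")
    servers = ssid.get("radius_servers", [])
    if not servers:
        problems.append("no RADIUS server configured")
    for srv in servers:
        if not srv.get("secret"):
            problems.append(f"RADIUS server {srv.get('host')} has no shared secret")
        if not 1 <= int(srv.get("port", 0)) <= 65535:
            problems.append(f"RADIUS server {srv.get('host')} has an invalid port")
    url = urlparse(ssid.get("splash_url", ""))
    if not url.hostname:
        problems.append("custom splash URL is not set")
        return problems
    if url.scheme != "https":
        # Added check: on an Open SSID the portal login has no link-layer encryption.
        problems.append("custom splash URL is not HTTPS")
    ips = resolved.get(url.hostname, [])
    if not ips:
        problems.append(f"no address known for {url.hostname}")
    garden = [ipaddress.ip_network(r, strict=False) for r in ssid.get("walled_garden", [])]
    for ip in ips:
        if not any(ipaddress.ip_address(ip) in net for net in garden):
            problems.append(f"portal IP {ip} is missing from the walled garden")
    return problems


if __name__ == "__main__":
    for problem in check_ssid(SSID, PORTAL_IPS):
        print(problem)
```

With the sample values, the second portal address is reported because only one of the two is in the walled garden, which is the case where the login page loads for some clients and not others.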

ammahend
Building a reputation

I had something similar to deal with. We used Meraki splash page Sign-On with My radius server and made CPPM available publicly with 1-1 NAT for the dashboard to reach it. It works well.

Users get redirected to the Meraki splash page and log in with their AD account. The identity source can be local AD or Azure hosted, it doesn't matter.

Hello,

Thanks for your reply. We thought of this approach. But my problem is that the CPPM was deployed at the customer by some other vendor and he is not available for support. We don’t have in-house expertise on Clearpass. Looking for someone to help with the Clearpass side configuration to get this to work.

I hope you then started an ask for help on the Aruba forums?
You'll have an easier time finding a person who deployed their authentication and authorization rules to communicate with the APs.
