Prerequisites for external Web Authentication for Aruba ClearPass
The following are the prerequisites to support external Web Authentication on Brocade ICX switches.
- Aruba ClearPass Policy Manager or CPPM for creating and managing the security profiles used for authentication.
- Aruba ClearPass Guest module for creating web logins pages for Guest access.
The parameters in the following table are mandatory while creating a guest or web login page on the Aruba ClearPass server.
For more details related to Web Logins page creation, refer to the "Configuration" section in the
Aruba ClearPass Guest User Guide, release version 6.4.
| Fields | Value | Description |
|---|---|---|
| Submit URL |
http://<IP address>/Forms/webauth_cpss Use this syntax for ICX switches: {$switch_ip|default:"http://1.1.1.1/Forms/webauth_cpss"} |
Specifies the URL of the NAS device's login form. |
| Submit Method | POST | Specifies the method to use while submitting the login form to NAS. |
| Username Field | webauth_user_id | Specifies the name of the username field for the login form. This is passed to the NAS device when the form is submitted. |
| Password Field | webauth_password | Specifies the name of the password field for the login form. This is passed to the NAS device when the form is submitted. |
| Extra Fields | url|hidden_URL_str!= | Use this field when original client requested URL needs to be re-directed |
| URL Field | hidden_URL_str | Specifies the destination field for the NAS device. This field contains the default URL value. |
| Default URL | Any URL
Example https://www.brocade.com or http://www.brocade.com |
Specifies the destination URL to which the client is redirected after authentication. |
Other vendor-specific details are selected by default.
The following figures show examples of the information required for Web Authentication Captive Portal Redirection.
Figure 27
Web Login configuration information
Figure 28
Web login configuration information (cont'd)