cancel
Showing results for 
Search instead for 
Did you mean: 

ICX and captive portal

stefano_costant
New Contributor II
Hello everybody. I'm trying to have my ICX7150 (08.0.80) working with an external captive portal. My device connected to eth 1/1/11 receives an IP address an if it manually open the captive portal page it works, but ... no way to have it displayed automatically or being redirected opening another web site. Where am i wrong? Here's the config, i've follwed online guide (my captive is on Cloudpath): https://ruckus-support.s3.amazonaws.com/private/documents/2478/ruckus-icx-flexible-auth-cloudpath-52...

This is my config.

Current configuration:
!
ver 08.0.80dT211
!
captive-portal cloudpath
  virtual-ip
  virtual-port 443
  login-page /enroll/portal/reset
!
!
default-vlan-id 4000
!
vlan 1 name Management by port
 tagged ethe 1/2/1
 untagged ethe 1/1/1 to 1/1/10
 management-vlan
 default-gateway  1
!
vlan 75 name Ospiti_DiRete by port
 tagged ethe 1/2/1
 untagged ethe 1/1/11
 webauth
  captive-portal profile cloudpath
  auth-mode captive-portal
  trust-port ethernet 1/2/1
  enable
!
vlan 4000 name DEFAULT-VLAN by port
!
aaa authentication dot1x default radius
aaa authorization coa enable
aaa accounting dot1x default start-stop radius
aaa accounting mac-auth default start-stop radius
ip address 255.255.255.0
ip dns domain-list domain.local
ip dns server-address
!
logging console
!
radius-client coa host key
!
web-management https
!
interface ethernet 1/3/1
 speed-duplex 1000-full
!
interface ethernet 1/3/2
 speed-duplex 1000-full
!
end

4 REPLIES 4

stefano_costant
New Contributor II
Hello Jijo, suddenly the captive portal appears, but ...

does not work (see error on the bottom)

About your suggestion: in Cloudpath 5.4 Mac registration already has the option for ICX with redirect and post. I've even tried with forcing a redirect as indicated in the document you've posted, but i have this:

Web Auth in Vlan 75: Authentication failed (# of attempts tried: 3) for user : stefano using mac: xxxx.xxxx.xxxx

Could be the mac address syntax? 

jijo_panangat
RUCKUS Team Member
Hi Stefano,

Thanks,  we have a similar issue reported [FI-193235] and fixed under 8070e and 8090a code, As it is difficult to conclude its the same without a troubleshooting session, Do u mind upgrading the code once to rule out the known issues  ? 

Upgrade guide below for reference. 

http://docs.ruckuswireless.com/fastiron/08.0.90/fastiron-08090-upgradeguide/fastiron-08090-upgradegu...

jijo_panangat
RUCKUS Team Member
Hello Stefano,

Here is a sample switch config for web authentication using external captive portal if you would like to cross check your side.

!
captive-portal cp-sqa
virtual-ip cloudpathsqa.wwie.video54.local
virtual-port 80
login-page /enroll/RuckusWireless/Production/
!
vlan 3 name INTERNET by port
tagged ethe 1/1/10
untagged ethe 1/1/1
spanning-tree
webauth
captive-portal profile cp-sqa
auth-mode captive-portal
no secure-login
trust-port ethernet 1/1/10
enable
!
vlan 100 name Management-NW by port
tagged ethe 1/1/10
untagged ethe 1/1/20
spanning-tree
management-vlan
default-gateway 10.176.166.1 1
!
aaa authentication dot1x default radius
aaa authorization coa enable
aaa accounting dot1x default start-stop radius
aaa accounting mac-auth default start-stop radius
!
ip address x.x.x.x/24
ip dns domain-list wwie.video54.local
ip dns server-address x.x.x.x
!
radius-client coa host x.x.x.x key
radius-server host x.x.x.x auth-port 1812 acct-port 1813 default key dot1x mac-auth web-auth
radius-server accounting interim-updates
radius-server accounting interim-interval 5
!
web-management https 


Secondly, we have a similar issue related to Captive portal redirection fixed in FI08070e or FI8090a (not fixed in 8080 patches) Please upgrade and test if feasible.