04-07-2021 01:52 AM
With Cloudpath, I've set up an enrollment workflow for MAC Registration according to the document "Cloudpath Enrollment System MAC Registration Configuration Guide, 5.8".
What doesn't work is the step "Register the MAC Address". I've filled out the URL of my vSZ, however, there is no port 9998 (as filled in when choosing the button "Ruckus SZ HTTPS") open on my vSZ. So I alway get a connection timeout when being redirected. Is there something I missed during configuration?
Also, can somebody explain, why this redirection is even needed since Cloudpath is used for MAC authentication?
04-07-2021 06:13 AM
Did you setup the WISPr Northbound Interface? What settings do you have for the Redirect Information under MAC Registration List?
04-07-2021 07:47 AM
Thanks for your answer. I've tried a little more and found a FW rule that was blocking this port. After opening this port, the redirect works, but somehow I'm being redirected back to Cloudpath, where I get a loop page asking me to continue to redirect or start over. This is how it look in enrollments:
And to your questions. No, I hadn't setup the WISPr Northbound Interface. I did now (with the User/PW of Cloudpath) but it doesn't look like it changes anything.
My redirect settings are as follows:
04-07-2021 11:25 AM
That's interesting. Have you cleared out that MAC from Users and Devices to get back to a "clean" setup, then attempt it again. Your settings are the same that we have in production and it seems to work correctly.
04-07-2021 11:51 AM
This can happen if RADIUS is not configured correctly in SmartZone. Make sure that the IP address is correct and that the shared secrets are as well. SZ (in proxy) or AP (non-proxy) and Cloudpath should be able to talk to each other.
You can run a RADIUS auth test in SmartZone to your Cloudpath server, if you get a timeout, you know something is amiss (shared secret/fw issue/wrong ip address).
If you are unsure of what ports are required for ingress/egress of Cloudpath, you can also use the Administration / Firewall Requirements page. This page will change dynamically as well depending on your workflow. This is also on-prem only.