04-07-2021 01:52 AM
With Cloudpath, I've set up an enrollment workflow for MAC Registration according to the document "Cloudpath Enrollment System MAC Registration Configuration Guide, 5.8".
What doesn't work is the step "Register the MAC Address". I've filled out the URL of my vSZ, however, there is no port 9998 (as filled in when choosing the button "Ruckus SZ HTTPS") open on my vSZ. So I alway get a connection timeout when being redirected. Is there something I missed during configuration?
Also, can somebody explain, why this redirection is even needed since Cloudpath is used for MAC authentication?
04-08-2021 02:53 AM
@christopher_mohammed I tested the RADIUS server and got the response "Primary Server : Failed! Reason: Invalid username or password." which, according to the manual, means that the connection works.
@eightohtwoeleven Looks like cleaning out the MAC addresses (Configuration/MAC Registration Lists/Modify List/Cleanup -> Delete Registered MACs) did the trick. MAC registration ist now working as expected!
04-08-2021 08:34 AM
Glad it worked out for you. Can't tell you how many times just removing it, works.
04-07-2021 08:02 AM
Hi b_g,
Great question! When you setup this in Cloudpath, the client/device will actually POST to the SmartZone port. So keep that in mind when working with MAC Registration workflow step.
When the client gets to that workflow step (mac-registration) Cloudpath will take the MAC address of the client (Cloudpath learns that on redirection) and stores it. What SmartZone needs to do is authenticate the client again. What Cloudpath will do is actually tell the client to do a POST to the SmartZone URL with it's credentials. SmartZone takes those credentials that the client provided it and will do a lookup in Cloudpath. Cloudpath will then send SmartZone an access accept message and the client is online.
You can see this in the Developer tools in a browser if you are interested! It will show up as "hotspotlogin". From there, you can see that the client does a POST to the SmartZone IP address with information that Cloudpath had provided it (those variables in the MAC-Reg workflow).
If you are using https 9998 I would recommend that you put a valid certificate on your SmartZone.
SZ should have that port available, and you can test that in a few different ways. I am making an assumption that you can connnect to SmartZone without it being behind a FW or NAT or something else to inhibit communication.
Use Cloudpath's WLAN controller port checker (works on premise or hosted):
1. In Cloudpath, can you click on Support | Diagnostics
2. In the Diagnostics window, click the WLAN controller tab
3. If not already selected, select SmartZone
4. Enter in the IP address of the SmartZone controller
5. Click on "run" on the top right
6. You will get output showing what ports are available on the SZ
Example:
Use Telnet to connect to port 9998
1. On you computer open up a command prompt window/power shell window/terminal window
2. Type in "telnet <smartzone IP address> 9998"
3. You may get a response saying "Escape character is '^]'" or along those lines; if you do, you are connected to that port on SmartZone. (you can type in "?" once connected to get some information returned from the page).
Note: If the port is not open, you will get a "connection refused". If you cannot communicate with SmartZone, you will get a time out.
Regards,
Christopher