ClearPass Guest Setup. Aruba Instant 6.5.2.0, RAP-155, IAP-207, RAP-108, IAP-305, Instant

ClearPass Guest Setup

This chapter consists of the following topics:

Configuring ClearPass Guest on page 396

Verifying ClearPass Guest Setup on page 400

Troubleshooting on page 401

Configuring ClearPass Guest

To configure ClearPass Guest:

1. From the ClearPass Guest UI, navigate to Administration > AirGroup Services .

2. Click Configure AirGroup Services .

Figure 115 Configure AirGroup Services

3. Click Add a new controller .

Aruba Instant 6.5.2.0 | User Guide ClearPass Guest Setup | 396

Figure 116 Add a New Controller for AirGroup Services

4. Update the parameters with appropriate values.

Ensure that the port configured matches the CoA port ( RFC 3576 ) set on the IAP configuration.

Figure 117 Configure AirGroup Services: Controller Settings

5. Click Save Configuration .

In order to demonstrate AirGroup, either an AirGroup Administrator or an AirGroup Operator account must be created.

Creating AirGroup Administrator and Operator Account

To create a AirGroup administrator and AirGroup operator account using the ClearPass Policy Manager UI:

1. Navigate to the ClearPass Policy Manager UI, and navigate to Configuration > Identity > Local Users .

397 | ClearPass Guest Setup Aruba Instant 6.5.2.0 | User Guide

Figure 118 Configuration > Identity > Local Users Selection

2. Click Add User .

3. Create an AirGroup Administrator by entering the required values.

Figure 119 Create an AirGroup Administrator

4. Click Add .

5. Now click Add User to create an AirGroup Operator .

Aruba Instant 6.5.2.0 | User Guide ClearPass Guest Setup | 398

Figure 120 Create an AirGroup Operator

6. Click Add to save the user with an AirGroup Operator role. The AirGroup Administrator and AirGroup

Operator IDs will be displayed in the Local Users UI screen.

Figure 121 Local Users UI Screen

7. Navigate to the ClearPass Guest UI and click Logout . The ClearPass Guest Login page is displayed. Use the AirGroup admin credentials to log in.

8. After logging in, click Create Device .

Figure 122 Create a Device

399 | ClearPass Guest Setup Aruba Instant 6.5.2.0 | User Guide

The Register Shared Device page is displayed.

Figure 123 ClearPass Guest- Register Shared Device

For this test, add your AppleTV device name and MAC address but leave all other boxes empty.

9. Click Register Shared Device .

Verifying ClearPass Guest Setup

To verify the setup:

1. Disconnect your AppleTV and OSX Mountain Lion/iOS 6 devices if they were previously connected to the wireless network. Remove their entries from the controller’s user table using these commands: l l

Find the MAC address— show user table

Delete the address from the table— aaa user delete mac 00:aa:22:bb:33:cc

2. Reconnect both devices. To limit access to the AppleTV, access the ClearPass Guest UI using either the

AirGroup admin or the AirGroup operator credentials. Next, navigate to List Devices > Test Apple TV >

Edit . Add a username that is not used to log in to the Apple devices in the Shared With box.

3. Disconnect and remove the OSX Mountain Lion/iOS 6 device from the controller’s user table. Reconnect the device by not using the username that you added to the Shared With box. The AppleTV should not be available to this device.

4. Disconnect the OSX Mountain Lion/iOS 6 device and delete it from the controller’s user table. Reconnect using the username that was added to the Shared With box. The OSX Mountain Lion/iOS 6 device should once again have access to the AppleTV.

Aruba Instant 6.5.2.0 | User Guide ClearPass Guest Setup | 400

Troubleshooting

Table 84: Troubleshooting

Problem

Limiting devices has no effect.

Apple Macintosh running Mountain Lion can use

AirPlay but iOS devices cannot.

Solution

Ensure IPv6 is disabled.

Ensure IPv6 is disabled.

401 | ClearPass Guest Setup Aruba Instant 6.5.2.0 | User Guide