Define A Policy To Permit Traffic To Amigopod - AMIGOPOD PowerConnect W Clearpass 100 Software Integration Manual

Amigopod and ArubaOS Integration

Define a Policy to Permit Traffic to Amigopod

A new firewall policy must be created and assigned to the initial role allocated to unauthenticated guest
users to allow the successful redirect to the captive portal page defined on Amigopod.
These policies can be simplified by using the existing network destination alias as defined in the
campus VRD baseline configuration.
Amigopod Netdestination Alias
netdestination Amigopod
host 10.169.130.50
Based on the nature of the captive portal traffic, HTTP and HTTPS traffic are permitted through this
policy to the Amigopod IP address.
Depending on the routing topology in place at each customer environment, Network Address
Translation (NAT) may be used to hide the source address space allocated to guest users. NAT can
be implemented in the following two methods within the ArubaOS controller:
Source NAT all traffic from the guest VLAN on the controller.

Source NAT traffic per application through the use of policies in the PEF configuration on the

controller.
Based on these topology and routing decisions, the configuration of the policies to permit the initial
redirect traffic to Amigopod will change slightly.
Source NAT on VLAN
If you are performing a source NAT on the VLAN, use this configuration.
Aruba Networks, Inc.
Figure 12 Amigopod netdestination alias
Application Note
ArubaOS Configuration | 23