What is the purpose of the captive portal URL hash key on an AOS-Switch?
A. It specifies the captive portal URL and conceals the setting in the config.
B. It authenticates guest users based on the password the users enter in the portal.
C. It does not let users alter the URL that redirects them to the portal.
D. It encrypts and secures the RADIUS messages that the AOS-Switch sends to ClearPass.
C is correct!
answer is D
The key is a shared secret between CPPM and the switch. When configured, the switch generates a HMAC-SHA1 hash of the entire redirect URL, and appends the hash to the URL to be sent to CPPM as part of the HTTP redirect. If CPPM is configured to check the hash, it will generate the hash of the URL using its version of the URL hash key and compare against the value provided by the switch. The action taken by CPPM upon a match or mismatch is determined by what is configured on CPPM.
https://www.arubanetworks.com/techdocs/ArubaOS_64_Web_Help/Content/ArubaFrameStyles/Captive_Portal/Captive_Portal_Authentic.htm
If a redirection URL is defined, enter a URL Hash Key to hash the redirect URL using the specified key.
This parameter enhances security for the Clearpass Guest login URL so that Clearpass can trust and ensure that the client MAC address in the redirect URL has not been tampered with by anyone. Default: Disabled.