How does this integration work?
Envoy sends visitor information to ClearPass, which then provisions temporary Wi-Fi access credentials to your network. Upon sign-in, the visitor will receive an email (if you collect visitor email addresses) or text message (if you collect visitor phone numbers) with username and password information for Wi-Fi access.
Note: for this integration to work, you must collect visitor email addresses at sign-in. Learn more about how to configure your Envoy sign-in fields.
Enabling the Envoy + Aruba ClearPass integration
To get started with this integration, please head to this Integration Guide which will provide you with everything you need to set things up within both Aruba ClearPass and Envoy. The key steps from the Envoy side are:
Under Wi-Fi, find Aruba, and click “Install.”
Note your Envoy integration Install Token to be input in the Clearpass Envoy extension configuration JSON.
Complete the ClearPass Extension setup in Aruba ClearPass. You will receive a ClearPass tenantName.
*NOTE* The Skyhoook tenant ID is only valid for 1 year. After that year you will need to get a new one following these same steps.
Back in Envoy settings, paste your tenantName into the ClearPass tenantName field.
Optional: If you have multiple ClearPass accounts, you can add a second tenantName in the Secondary ClearPass tenantName field. If you add a secondary tenantName, you must also select the locations to associate with the secondary tenantName. All locations not selected in the Secondary location mapping field will be associated with your primary tenantName.
After selecting an SMS Gateway, click “Complete Setup.” Once the Envoy ClearPass Extension is activated, it will automatically begin provisioning Wi-Fi credentials for visitors. You can see the status of the integration and any failures that have occurred on your enabled integrations page under Aruba ClearPass.
This integration is enabled across all locations by default. To disable for a specific location, set a “fake” Secondary ClearPass tenantName and then select the location(s) you want it disabled for in Secondary location mapping.
We suggest signing in a test visitor and ensuring that you get the credentials to via Email and SMS (if applicable). You can also view the credentials from the dashboard by clicking into a visitor entry.