Configuring Access Guardian Using Captive Portal Authentication
OmniSwitch AOS Release 8 Network Configuration Guide December 2017 page 28-79
3 When the client enters the appropriate login credentials and clicks on the “Submit” button on the login
page, the client is presented with the Captive Portal status page. This page indicates that the login was
successful and the remaining session time.
4 Use the show unp user status command on the OmniSwitch to display the status of the Access
Guardian classification and Captive Portal authentication process for the MAC address of the client.
Using Captive Portal Configuration Profiles
A Captive Portal profile is a configuration entity that provides flexible assignment of Captive Portal
configuration parameters to devices classified into specific UNP profiles. However, this type of profile is
only valid when assigned to profiles on which Captive Portal authentication is enabled.
When a Captive Portal profile is applied to a UNP profile, the parameter values defined in the Captive
Portal profile override the global Captive Portal parameter values configured for the switch. If there is no
Captive Portal profile associated with a profile, then the global Captive Portal configuration is applied.
Use a Captive Portal profile to define and apply the following Captive Portal configuration settings for
user sessions associated with a specific UNP profile:
• The name of an AAA profile to define specific device authentication configuration options, such as
which servers to use for Captive Portal authentication and parameter values for session timers and
RADIUS attributes. If there is no AAA profile assigned, the global AAA configuration for the switch
is used.
• A URL to which user devices are redirected when Captive Portal authentication is successful.
• The number of login attempts allowed for the Captive Portal session.
• The name of the QoS policy list or UNP profile to apply when Captive Portal authentication is
successful but the RADIUS server did not return a policy list or profile name.
Captive Portal profiles can be used to apply a custom Captive Portal configuration to different sets of user
devices based on the UNP profile assignment for the device.
Configuring Captive Portal Profiles
Use the captive-portal-profile command to create a profile name and configure parameter values for that
profile. For example:
-> captive-portal-profile cp_p1
-> captive-portal-profile cp_p1 aaa-profile aaa_p1
-> captive-portal-profile cp_p1 authentication-pass realm prefix domain asia-
pacific policy-list list1
-> captive-portal-profile cp_p2 retry-count 5
-> captive-portal-profile cp_p2 authentication-pass profile cp-pass
-> captive-portal-profile cp_p2 authentication-pass profile-change enable
-> captive-portal-profile cp_p2 success-redirect-url http://server-1.com/
pass.html
Captive Portal profiles are only valid for UNP profiles on which Captive Portal authentication is enabled.
Use the unp profile captive-portal-authentication command to enable Captive Portal authentication for
a UNP profile. For example:
-> unp profile cp_unp captive-portal-authentication
To Next Page
Loading...
