Working with RADIUS attributes
Colubris AV-Pair - Site attribute values
15-48
Although the remote login page feature enables you to host the public access login page on a
remote Web server, authentication of users is still performed by the controller through a
RADIUS server or using the local user list. To accomplish this, the remote Web server must
send user login information back to the controller. There are two ways this can be done:
basic remote login (as described in this section), or by using the NOC-based authentication
feature (described in Appendix D: NOC authentication).
The following diagram shows the sequence of events for a typical user session when using a
remote login page and a RADIUS server for authentication.
Syntax
login-url=URL_of_the_page [placeholder]
Access to the Web server hosting this page must be granted to all unauthenticated users. Do
this with an appropriate access list definition. (Users see this page before they are logged in.)
Non-authenticated user
attempts to browse a
web site on the
protected network.
Web browser is redirected.
Request is intercepted.
Login page is sent.
Login info is sent to
the RADIUS server.
Login approved.
User configuration
settings are returned.
Web server sends
the Welcome page
with URL of originally
requested web site.
User login info
is sent.
User’s web browser
is redirected to the
Welcome page.
HTML redirect is sent to
the user’s browser
pointing it to the
Welcome page
(This page could be
hosted on a different
web server.)
RADIUS serverUser
Web server hosting
remote login page
Controller
To Next Page
Loading...
Need help?
General
