Manage Rogue Access Points, Guest Network Access, and Users
224
ProSAFE Wireless Controller
Note: If the network authentication uses an external RADIUS server, you
cannot configure captive portal authentication. That is, if you configure
an external RADIUS server with WPA, WPA2, or WPA & WPA2 (or if
you use legacy 802.1X), you cannot configure captive portal
authentication; the network authentication must be Open System,
Shared Key, WPA-PSK, WPA2-PSK, or WPA-PSK & WPA2-PSK (see
Network Authentication and Data Encryption Options on page 137).
Note these guidelines for captive portal user authentication and accounting through an
external RADIUS server:
• You can use either the basic-Auth RADIUS server or a RADIUS server of an advanced
authentication group. You cannot use the external LDAP server.
• The wireless controller uses CHAP or MS-CHAP as the authentication protocol with the
authentication server.
• The following RADIUS authentication variables are supported on the wireless controller:
- User-Name
- User-Password
- WISPr-Session-Terminate-Time
- Session-Timeout
If you change the values for any of these variables before the WiFi client disassociates
from the access point, the new values are not updated on the wireless controller.
• A managed access point can send accounting information to the external RADIUS server
because the wireless controller functions as a proxy RADIUS client for the managed
access point. The following RADIUS accounting variables are supported on the wireless
controller:
- Acct-Input-Octets
- Acct-Output-Octets
- Acct-Input-Gigawords
- Acct-Input-Gigawords
Configure a Basic Guest Portal or Captive Portal
You can configure a basic guest portal or captive portal with a local or external authentication
server.
You would typically use the basic portal in the profiles of a basic profile group of a small-scale
network. However, you can assign the basic portal to any profile, whether in the basic profile
group or in an advanced profile group.
To Next Page
Loading...
Need help?
General
