Configuring Captive Portal Authentication Profiles
In this section, you create an instance of the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile and the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile. For the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile, you specify the previously-created user role as the default user role for authenticated captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. clients and the authentication server group (“Internal”).
The following procedure describes how to configure captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication:
- Login to the Mobility Conductor.
- In the
- Click Captive Portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. Authentication Profile. Enter as the and click . in the window to create a new
- Select the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile you just created.
- For default role, select .
- Select user login.
- Uncheck .
- Click .
node hierarchy, navigate to the tab and select . - Select captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile you just created.
- Select from the drop-down list.
- Click .
under the - Click .
- In the window, select the checkbox and click .
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication:
(host) [md] (config) #aaa authentication captive-portal guestnet
default-role auth-guest
user-logon
no guest-logon
server-group internal
The following section describes how to configure the user accounts, WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection., AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile, and captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. parameters:
Modifying the Initial User Role
The captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile specifies the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. login page and other configurable parameters. The initial user role configuration must include the applicable captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile instance. Therefore, you need to modify the user role configuration to include the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile. You also need to include the predefined policy, which directs clients to the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users., in the initial user role configuration.
The following procedure describes how to modify the guest-logon role:
- Login to the Mobility Conductor.
- In the node hierarchy, navigate to the tab.
- Select the role.
- Select in the table.
- Select the tab.
- Expand the accordion.
- Select the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile you just created from the drop-down list and then click .
- Click .
- In the window, select the checkbox and click .
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands modify the guest-logon role:
(host) [md] (config) #user-role guest-logon
(host) [md] (config-submode)#access-list session captiveportal
captive-portal guestnet
Configuring the AAA Profile
In this section, you configure the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile, which specifies the previously-created role as the initial role for clients who associate to the WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection..
The following procedure describes how to configure the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile:
- Login to the Mobility Conductor.
- In the node hierarchy, navigate to the page.
- Expand . In the , click to add a new profile. Enter for the name of the profile and then click .
- Select from drop-down list.
- Click .
- Click .
- In the window, select the checkbox and click .
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. command configures the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile:
(host)[md](config) #aaa profile guestnet
initial-role guest-logon
Configuring the WLAN
In this section, you create the WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.. The virtual AP profile contains the SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile (which configures opensystem for the SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.) and the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile .
virtual AP profile for theThe following procedure describes how to configure the guest WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.:
- Login to the Mobility Conductor.
- In the node hierarchy, navigate to the tab.
- Under , select , then select .
- To create a new virtual AP profile, click
- In the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile you previously configured from the drop-down list and then click . entry for the new virtual AP profile ( ), select and then select the
- In the SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. from the SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile drop-down list. entry for the new virtual AP profile ( ), select and then select
- Enter the name for the ESSID Extended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set. profile (for example, ).
- For , select .
- Click .
from the pane. Enter the name for the virtual AP profile (for example, ) and then click . - Navigate to the page.
- Select an AP group and click tab in the AP group window.
- Click under the tab and select the newly create virtual AP profile (guestnet) from the drop-down list and then click .
- Navigate to the
- Click the accordion and make sure is selected.
- For VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN., enter the ID of the VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. in which captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. users are placed (for example, VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. .
- Click .
tab. Select and then select . Click on the new virtual AP name in the list. - Click .
- In the window, select the checkbox and click .
The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure the guest WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.:
(host) [md] (config) #wlan ssid-profile guestnet
essid guestnet
opmode opensystem
(host) [md] (config) #aaa profile guestnet
initial-role guest-logon
(host) [md] (config) #wlan virtual-ap guestnet
vlan 900
aaa-profile guestnet
ssid-profile guestnet
Managing User Accounts
Temporary user accounts are created in the internal database on the Mobility Conductor. You can create a user role which will allow a receptionist to create temporary user accounts. Guests can use the accounts to log into a captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. login page to gain Internet access.
Configuring Captive Portal Configuration Parameters
Table 1 describes configuration parameters in the WebUI Captive Portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. Authentication profile page.
In the CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions., you configure these options with the commands.