Configuring Captive Portal Authentication Profiles

In this section, you create an instance of the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile and the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile. For the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile, you specify the previously-created auth-guest user role as the default user role for authenticated captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. clients and the authentication server group (“Internal”).

The following procedure describes how to configure captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication:

  1. Login to the Mobility Conductor.
  2. In the Managed Network node hierarchy, navigate to the Configuration > Authentication > L3 Authentication tab and select Captive Portal Authentication.
    1. Click + in the Captive Portal Authentication Profile: New Profile window to create a new Captive Portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. Authentication Profile. Enter guestnet as the Profile Name and click Submit.
    2. Select the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile you just created.
    3. For default role, select guest.
    4. Select user login.
    5. Uncheck Guest Login.
    6. Click Submit.
  3. Select Server Group under the guestnet captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile you just created.
    1. Select internal from the Server Group drop-down list.
    2. Click Submit.
  4. Click Pending Changes.
  5. In the Pending Changes window, select the checkbox and click Deploy changes.

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication:

(host) [md] (config) #aaa authentication captive-portal guestnet

default-role auth-guest

user-logon

no guest-logon

server-group internal

The following section describes how to configure the user accounts, WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection., AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile, and captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. parameters:

Modifying the Initial User Role

The captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile specifies the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. login page and other configurable parameters. The initial user role configuration must include the applicable captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile instance. Therefore, you need to modify the guest-logon user role configuration to include the guestnet captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile. You also need to include the predefined captiveportal policy, which directs clients to the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users., in the initial user role configuration.

The following procedure describes how to modify the guest-logon role:

  1. Login to the Mobility Conductor.
  2. In the Managed Network node hierarchy, navigate to the Configuration > Roles & Policies > Roles tab.
  3. Select the guest-logon role.
  4. Select Show Advanced View in the Roles > guest-logon table.
  5. Select the More tab.
  6. Expand the Authentication accordion.
  7. Select the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication profile you just created from the Captive Portal Profile drop-down list and then click Submit.
  8. Click Pending Changes.
  9. In the Pending Changes window, select the checkbox and click Deploy changes.

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands modify the guest-logon role:

(host) [md] (config) #user-role guest-logon

(host) [md] (config-submode)#access-list session captiveportal

captive-portal guestnet

Configuring the AAA Profile

In this section, you configure the guestnet AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile, which specifies the previously-created guest-logon role as the initial role for clients who associate to the WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection..

The following procedure describes how to configure the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile:

  1. Login to the Mobility Conductor.
  2. In the Managed Network node hierarchy, navigate to the Configuration > Authentication > AAA Profiles page.
  3. Expand AAA. In the AAA Profiles: New Profile, click + to add a new profile. Enter guestnet for the name of the profile and then click Submit.
  4. Select guest-logon from Initial role drop-down list.
  5. Click Submit.
  6. Click Pending Changes.
  7. In the Pending Changes window, select the checkbox and click Deploy changes.

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. command configures the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile:

(host)[md](config) #aaa profile guestnet

initial-role guest-logon

Configuring the WLAN

In this section, you create the guestnet virtual AP profile for the WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.. The guestnet virtual AP profile contains the SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile guestnet (which configures opensystem for the SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.) and the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile guestnet.

The following procedure describes how to configure the guest WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.:

  1. Login to the Mobility Conductor.
  2. In the Managed Network node hierarchy, navigate to the Configuration > System > Profiles tab.
  3. Under All Profiles, select Wireless LAN, then select Virtual AP.
  4. To create a new virtual AP profile, click + from the Virtual AP profile: New Profile pane. Enter the name for the virtual AP profile (for example, guestnet) and then click Submit.
    1. In the Profile Details entry for the new virtual AP profile (guestnet), select AAA profile and then select the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. profile you previously configured from the AAA Profile drop-down list and then click Submit.
    2. In the Profile Details entry for the new virtual AP profile (guestnet), select SSID and then select SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. from the SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile drop-down list.
    3. Enter the name for the ESSID Extended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set. profile (for example, guestnet).
    4. For Encryption, select opensystem.
    5. Click Submit.
  5. Navigate to the Configuration > AP Groups page.
  6. Select an AP group and click WLANs tab in the AP group window.
  7. Click + under the WLANs tab and select the newly create virtual AP profile (guestnet) from the Virtual-ap drop-down list and then click Submit.
  8. Navigate to the System > Profiles tab. Select Wireless LAN and then select Virtual AP. Click on the new virtual AP name in the All Profiles list.
    1. Click the General accordion and make sure Virtual AP enable is selected.
    2. For VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN., enter the ID of the VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. in which captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. users are placed (for example, VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. 900.
    3. Click Submit.
  9. Click Pending Changes.
  10. In the Pending Changes window, select the checkbox and click Deploy changes.

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure the guest WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.:

(host) [md] (config) #wlan ssid-profile guestnet

essid guestnet

opmode opensystem

 

(host) [md] (config) #aaa profile guestnet

initial-role guest-logon

 

(host) [md] (config) #wlan virtual-ap guestnet

vlan 900

aaa-profile guestnet

ssid-profile guestnet

Managing User Accounts

Temporary user accounts are created in the internal database on the Mobility Conductor. You can create a user role which will allow a receptionist to create temporary user accounts. Guests can use the accounts to log into a captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. login page to gain Internet access.

Configuring Captive Portal Configuration Parameters

Table 1 describes configuration parameters in the WebUI Captive Portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. Authentication profile page.

Table 1: Captive Portal Authentication Profile Parameters

Parameter

Description

Default Role

Role assigned to the Captive Portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. user upon login. When both user and guest logon are enabled, the default role applies to the user logon; users logging in using the guest interface are assigned the guest role.

Default: guest

Default Guest Role

Role assigned to guest.

Default: guest

Redirect Pause

Time, in seconds, that the system remains in the initial welcome page before redirecting the user to the final web URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet.. If set to 0, the welcome page displays until the user clicks on the indicated link.

Default: 10 seconds

User Login

Enables Captive Portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. with authentication of user credentials.

Default: Enabled

Guest Login

Enables Captive Portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. logon without authentication.

Default: Disabled

Logout popout window

Enables a pop-up window with the Logout link for the user to logout after logon. If this is disabled, the user remains logged in until the user timeout period has elapsed or the station reloads.

Default: Enabled

Use HTTP for authentication

Use HTTP Hypertext Transfer Protocol. The HTTP is an application protocol to transfer data over the web. The HTTP protocol defines how messages are formatted and transmitted, and the actions that the w servers and browsers should take in response to various commands. protocol on redirection to the Captive Portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. page. If you use this option, modify the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. policy to allow HTTP Hypertext Transfer Protocol. The HTTP is an application protocol to transfer data over the web. The HTTP protocol defines how messages are formatted and transmitted, and the actions that the w servers and browsers should take in response to various commands. traffic.

Default: disabled (HTTPS Hypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. is used)

Logon wait minimum wait

Minimum time, in seconds, the user will have to wait for the logon page to pop up if the CPU Central Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions. load is high. This works in conjunction with the Logon wait CPU Central Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions. utilization threshold parameter.

Default: 5 seconds

Logon wait maximum wait

Configure parameters for the logon wait interval

Default: 10 seconds

Logon wait CPU utilization threshold

CPU Central Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions. utilization percentage above which the Logon wait interval is applied when presenting the user with the logon page.

Default: 60%

Max Authentication failures

Maximum number of authentication failures before the user is blocked.

Default: 0

Show FQDN

Allows the user to see and select the FQDN Fully Qualified Domain Name. FQDN is a complete domain name that identifies a computer or host on the Internet. on the login page. The FQDNs shown are specified when configuring individual servers for the server group used with captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication.

Default: Disabled

Authentication Protocol

Select the PAP Password Authentication Protocol. PAP validates users by password. PAP does not encrypt passwords for transmission and is thus considered insecure., CHAP Challenge Handshake Authentication Protocol. CHAP is an authentication scheme used by PPP servers to validate the identity of remote clients. or MS-CHAPv2 Microsoft Challenge  Handshake Authentication Protocol version 2. MS-CHAPv2 is an enhanced version of the MS-CHAP protocol that supports mutual authentication. authentication protocol.

NOTE: Do not use the CHAP Challenge Handshake Authentication Protocol. CHAP is an authentication scheme used by PPP servers to validate the identity of remote clients. = option unless instructed to do so by anAruba representative.

Login Page

URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. of the page that appears before logon. This can be set to any URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet..

Default: /cgi-bin/login?cmd=authenticate or /cgi-bin/login?cmd=login

Welcome Page

URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. of the page that appears after logon and before redirection to the web URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet.. This can be set to any URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet..

Default: /auth/welcome.html

Show Welcome Page

Displays the configured welcome page before the user is redirected to their original URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet.. If this option is disabled, users are redirected to the web URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. immediately after they log in.

Default: Enabled

Proxy Server Configuration

To configure proxy details for captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication.

NOTE: User cannot configure this setting.

Add switch IP address in redirection URL

Sends the IP address of the managed device in the redirection URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. when external captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. servers are used. An external captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. server can determine the managed devices from which a request originated by parsing the ‘switchip’ variable in the URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet..

Default: Disabled

Adding User VLAN in the redirection URL

Sends the user VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. ID in the redirection URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. when external captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. servers are used.

Adding AP's MAC address in redirection URL

AP's MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address is added in the redirection URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. when external captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. servers are used.

Default: Disabled

Add a controller interface in the redirection URL

Sends the interface IP address of the managed device in the redirection URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. when external captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. servers are used. An external captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. server can determine the managed devices from which a request originated by parsing the ‘switchip’ variable in the URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet..

Allow only one active user session

Allows only one active user session at a time.

Default: Disabled

Allow List

To add a netdestination to the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. allowlist, enter the destination host or subnet Subnet is the logical division of an IP network., then click Add. The netdestination will be added to the allowlist. To remove a netdestination from the allowlist, select it in the allowlist field, then click Delete.

If you have not yet defined a netdestination, use the CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. command netdestination to define a destination host or subnet Subnet is the logical division of an IP network. before you add it to the allowlist.

This parameter requires a PEFNG Policy Enforcement Firewall. PEF also known as PEFNG provides context-based controls to enforce application-layer security and prioritization. The customers using Aruba mobility controllers can avail PEF features and services by obtaining a PEF license. PEF for VPN users—Customers with PEF for VPN license can apply firewall policies to the user traffic routed to a controller through a VPN tunnel. license.

Deny List

To add a netdestination to the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. denylist, enter the destination host or subnet Subnet is the logical division of an IP network., then click Add. The netdestination will be added to the denylist. To remove a netdestination from the denylist, select it in the denylist field, then click Delete.

If you have not yet defined a netdestination, use the CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. command netdestination to define a destination host or subnet Subnet is the logical division of an IP network. before you add it to the denylist.

Show Acceptable Use Policy Page

Show the acceptable use policy page before the logon page.

Default: Disabled

User idle timeout

The user idle timeout value for this profile. Specify the idle timeout value for the client in seconds. Valid range is 30-15300 in multiples of 30 seconds. Enabling this option overrides the global settings configured in the AAA Authentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption. timers. If this is disabled, the global settings are used.

Redirect URL

URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. to which an authenticated user will be directed. This parameter must be an absolute URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. that begins with either http:// or https://.

Bypass Apple and Android Captive Network Assistant

Enabling this knob will bypass Apple CNA Captive Network Assistant. CNA is a popup page shown when joining a network that has a captive portal. on iOS devices like iPad, iPhone, iPod and on Android devices. The user needs to perform Captive Portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication from the browser.

URL Hash Key

If a redirection URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. is defined, enter a URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. Hash Key to hash the redirect URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. using the specified key.

This parameter enhances security for the ClearPass Guest ClearPass Guest is a configurable ClearPass application for secure visitor network access management. login URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. so that ClearPass Policy Manager ClearPass Policy Manager is a baseline platform for policy management, AAA, profiling, network access control, and reporting. With ClearPass Policy Manager, the network administrators can configure and manage secure network access that accommodates requirements across multiple locations and multivendor networks, regardless of device ownership and connection method. can trust and ensure that the client MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address in the redirect URL Uniform Resource Locator. URL is a global address used for locating web resources on the Internet. has not been tampered with by anyone. Default: Disabled.

Related Topics

Enabling Guest Provisioning

Configuring Captive Portal in the Base Operating System

Configuring Captive Portal with a PEFNG License