You can configure an access rule to enforce Captive portal authentication for SSIDs with 802.1X authentication enabled. You can configure rules to provide access to external Captive portal, internal Captive portal, or none, so that some of the clients using this SSID can derive the Captive portal role.
The following conditions apply to the 802.1X and Captive portal authentication configuration:
| If a user role does not have Captive Portal settings configured, the Captive portal settings configured for an SSID are applied to the client's profile. |
| If the SSID does not have Captive Portal settings configured, the Captive portal settings configured for a user role are applied to the client's profile. |
| If Captive portal settings are configured for both SSID and user role, the Captive portal settings configured for a user role are applied to the client's profile. |
You can create a Captive portal role for both
and splash page types.To enforce Captive Portal role, use the Instant UI or CLI.
To create a Captive portal role:
1. | Select an SSID profile from the | tab. The window is displayed.
2. | In the Access tab, slide to Role-based access control by using the scroll bar. |
3. | Select a role or create a new if required. |
4. | Click | to add a new rule. The window is displayed.
5. | In the New Rule window, specify the following parameters. The following figures show the parameters for Captive Portal role configuration: |
Figure 1 Captive Portal Rule for Internal Acknowledged Splash Page
Figure 2 Captive Portal Rule for External Captive portal profile
Field |
Description |
||||||||||||||||||||||||||||||
Rule type |
Select Captive Portal from the drop-down list. |
||||||||||||||||||||||||||||||
Splash Page Type |
Select any of following attributes:
|
||||||||||||||||||||||||||||||
Internal |
If Internal is selected as splash page type, perform the following steps:
|
||||||||||||||||||||||||||||||
External |
If External is selected, perform the following steps:
|
6. | Click | . The enforce captive portal rule is created and listed as an access rule.
7. | Create a role assignment rule based on the user role, to which the Captive portal access rule is assigned. |
8. | Click | .
The client can connect to this SSID after authenticating with username and password. After a successful user login, the Captive portal role is assigned to the client.
To create a Captive portal role:
(Instant Access Point)(config)# wlan access-rule <Name>
(Instant Access Point)(Access Rule <Name>)# captive-portal {external [profile <name>]|internal}
(Instant Access Point)(Access Rule <Name>)# end
(Instant Access Point)# commit apply