Table of Contents
Advertisement
Configuring Access Guardian
Using Captive Portal Authentication
Captive Portal authentication is a mechanism by which user credentials are obtained through Web pages
and authenticated through a RADIUS server. If the authentication is successful, the RADIUS server may
return a role (policy list) that is applied to traffic from the user device. The OmniSwitch implementation
supports an internal Captive Portal mechanism. An internal Web server on the local switch presents
Captive Portal Web pages to obtain user credentials.
Internal Captive Portal authentication is a configurable option for a UNP profile that is applied after a user
is assigned to the profile (after the initial 802.1X or MAC authentication or classification process).
Captive Portal provides a secondary level of authentication that is used to apply a new role (QoS policy
list) to the user.
•
The RADIUS server returns the name of a QoS policy list or the name of a UNP profile that specifies a
policy list name.
•
If the RADIUS server does not return a QoS policy list or UNP profile name, a locally configured
Captive Portal authentication pass policy specifies a QoS policy list or UNP profile name to assign to
the user device.
The method for determining which QoS policy list is applied to a user device is based on the following
precedence in descending order:
1
A policy list returned from the RADIUS server.
2
A domain specific policy list specified in the Captive Portal authentication pass configuration of a
Captive Portal profile.
3
A policy list specified in the Captive Portal authentication pass configuration of a Captive Portal
profile.
4
A domain specific policy list specified in the global Captive Portal authentication pass setting for the
switch.
5
A policy list specified in the global Captive Portal authentication pass setting for the switch.
6
A policy list associated with a UNP profile returned from the RADIUS server.
7
A policy list associated with a domain specific UNP profile that is specified in the global Captive
Portal authentication pass setting for the switch.
8
A policy list associated with a UNP profile that is specified in the global Captive Portal authentication
pass setting for the switch.
An external, guest Captive Portal authentication mechanism is provided through the Access Guardian
OmniSwitch integration with the Unified Policy Access Manager (UPAM) or the ClearPass Policy
Manager (CPPM). See
information.
This section provides the following information regarding configuring and using the OmniSwitch internal
Captive Portal mechanism:
•
"Configuration Tasks and Guidelines" on page 28-77
•
"Quick Steps for Configuring Captive Portal Authentication" on page 28-78
OmniSwitch AOS Release 8 Network Configuration Guide
"Bring Your Own Devices (BYOD) Overview" on page 28-115
Using Captive Portal Authentication
December 2017
for more
page 28-76
- Quick Links:
- Ethernet Port Defaults
Hide quick links:
Advertisement
Table of Contents
