Captive Portal; Overview; Functional Description - Dell POWERCONNECT 6200 SERIES Configuration Manual
Dell computer accessories user manual
Hide thumbs
Also See for POWERCONNECT 6200 SERIES:
- Getting started manual (282 pages) ,
- Getting started manual (100 pages)
Table of Contents
Advertisement
Captive Portal
Overview
Captive Portal feature is a software implementation that allows client access only on user verification.
Verification can be configured to allow access for guest and authenticated users. Users must be validated
against a database of authorized captive portal users locally or through a radius client.
The Authentication server supports both HTTP and HTTPS web connections. In addition, Captive
Portal can be configured to use an optional HTTP or HTTPS port (in support of HTTP Proxy networks).
If configured, this additional port is used exclusively by Captive Portal.
NOTE:
This optional port is in addition to the default ports (HTTP port 80 and HTTPS port 443), which are used for all
other web traffic.
The main captive portal component is a generic implementation that runs within the switch. It provides
the network administrator with a common method to configure captive portals for client access. The
generic captive portal component handles all configurations, client authentication, and manages status
and statistics for presentation to the network administrator communicating with interface-specific
components as required.
Functional Description
Captive Portal for wired interfaces allows the clients directly connected to the switch be authenticated
using a Captive Portal mechanism before the client is given access to the network.
When a wired physical port is enabled for Captive Portal, the port is set in a captive-portal-enabled state;
all traffic coming into the port from unauthenticated clients are dropped except for the ARP, DHCP,
DNS, and NETBIOS packets. These packets forwarded by the switch so that the unauthenticated clients
can get an IP address resolve the hostname or domain names. Data traffic from authenticated clients is
forwarded normally.
All HTTP/HTTPS packets from unauthenticated clients are directed to the CPU on the switch for the
ports that are enabled for Captive Portal. When an unauthenticated client opens a web browser and tries
to connect to network, the Captive Portal redirects all the HTTP/HTTPS traffic from unauthenticated
clients to the authenticating server on the switch. A Captive portal web page is sent back to the
unauthenticated client and the client can authenticate and gain access to the port.
The Captive Portal feature can be enabled on all physical ports on the switch. It is not supported for
VLAN interfaces, loopback interfaces, or logical interfaces.
The Captive Portal feature performs Mac-based authentication (not port-based authentication). All
clients connected to the captive portal interface must be authenticated before accessing the network.
There are three states for clients connecting to the Captive Portal interface:
•
Unknown State
•
Unauthenticated State
•
Authenticated State
125
Device Security
Hide quick links:
Advertisement
Table of Contents
