ArubaOS 8.6.0.0Help Center

You are here: Home > Captive Portal Authentication > Captive Portal Authentication

Configuring Captive Portal Authentication Profiles

In this section, you create an instance of thecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication profile and theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile. For thecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication profile, you specify the previously-createdauth-guestuser role as the default user role for authenticatedcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.clients and the authentication server group (“Internal”).

下面的过程介绍如何配置captive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication:

1.Login to theMobility Master.

2.In theManaged Networknode hierarchy, navigate to theConfiguration > Authentication > L3 Authenticationtab and selectCaptive Portal Authentication.

a.Click + in theCaptive Portal Authentication Profile: New Profilewindow to create a newCaptive PortalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.Authentication Profile, enterguestnetas theProfile Nameand clickSubmit.

b.Select thecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication profile you just created.

c.For Default Role, selectguest.

d.Select User Login.

e.UncheckGuest Login.

f.ClickSubmit.

3.SelectServer Groupunder theguestnetcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication profile you just created.

a.Selectinternalfrom theServer Groupdrop-down list.

b.ClickSubmit.

4.ClickPending Changes.

5.In thePending Changeswindow, select the check box and clickDeploy changes.

The followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands configurecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication:

(host) [md] (config) #aaa authentication captive-portal guestnet

default-role auth-guest

user-logon

no guest-logon

server-group internal

The following section describes how to configure the user accounts,WLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.,AAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile, andcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.parameters:

Modifying the Initial User Role

Thecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication profile specifies thecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.login page and other configurable parameters. The initial user role configuration must include the applicablecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication profile instance. Therefore, you need to modify theguest-logonuser role configuration to include theguestnetcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.身份验证配置文件。您还需要包括the predefinedcaptiveportalpolicy, which directs clients to thecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users., in the initial user role configuration.

The following procedure describes how to modify the guest-logon role:

1.Login to theMobility Master.

2.In theManaged Networknode hierarchy, navigate to theConfiguration > Roles & Policies > Rolestab.

3.Select theguest-logonrole.

4.SelectShow Advanced Viewin theRoles > guest-logontable.

5.Select theMoretab.

6.Expand theAuthenticationaccordion.

7.Select thecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication profile you just created from theCaptive Portal Profiledrop-down list, and clickSubmit.

8.ClickPending Changes.

9.In thePending Changeswindow, select the check box and clickDeploy changes.

(host) [md] (config) #user-role guest-logon

(host) [md] (config-submode)#access-list session captiveportal

captive-portal guestnet

Configuring the AAA Profile

In this section, you configure theguestnetAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile, which specifies the previously-createdguest-logonrole as the initial role for clients who associate to theWLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection..

下面的过程介绍如何配置theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile:

1.Login to theMobility Master.

2.In theManaged Networknode hierarchy, navigate to theConfiguration > Authentication > AAA Profilespage.

3.ExpandAAA. In theAAA Profiles: New Profile, click+to add a new profile. Enterguestnetfor the name of the profile, then clickSubmit.

4.Selectguest-logonfromInitial roledrop-down list.

5.ClickSubmit.

6.ClickPending Changes.

7.In thePending Changeswindow, select the check box and clickDeploy changes.

The followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.command configures theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile:

(host)[md](config) #aaa profile guestnet

initial-role guest-logon

Configuring the WLAN

In this section, you create theguestnetvirtual AP profile for theWLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.. Theguestnetvirtual AP profile contains theSSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.profileguestnet(which configures opensystem for theSSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.) and theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profileguestnet.

下面的过程介绍如何配置the guestWLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.:

1.Login to theMobility Master.

2.In theManaged Networknode hierarchy, navigate to theConfiguration > System > Profilestab.

3.UnderAll Profiles, selectWireless LAN, then selectVirtual AP.

4.To create a new virtual AP profile, Click+from theVirtual AP profile: New Profilepane. Enter the name for the virtual AP profile (for example,guestnet), and clickSubmit.

a.In the Profile Details entry for the new virtual AP profile (guestnet), selectAAA profileand then select theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.profile you previously configured from theAAA Profiledrop-down list and clickSubmit.

b.In the Profile Details entry for the new virtual AP profile (guestnet), selectSSIDand then selectSSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.from theSSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.profile drop-down list.

c.Enter the name for theESSIDprofile (for example,guestnet).

d.ForEncryption, selectopensystem.

e.At the bottom of the Profile Details page, clickSubmit.

5.Navigate to theConfiguration > AP Groupspage.

6.Select an AP Group and ClickWLANstab in the AP group window.

7.Click + under theWLANsWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.tab and select the newly create virtual AP profile (guestnet) from theVirtual-apdrop-down list and clickSubmit.

8.Navigate to theSystem > Profilestab. SelectWireless LANand then selectVirtual AP. Click on the new virtual AP name in the All Profiles list.

a.ClickGeneralaccordion and make sureVirtual AP enableis selected.

b.ForVLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN., enter the ID of theVLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.in whichcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.users are placed (for example,VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.900).

c.ClickSubmit.

9.ClickPending Changes.

10.In thePending Changeswindow, select the check box and clickDeploy changes.

The followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands configure the guestWLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.:

(host) [md] (config) #wlan ssid-profile guestnet

essid guestnet

opmode opensystem

(host) [md] (config) #aaa profile guestnet

initial-role guest-logon

(host) [md] (config) #wlan virtual-ap guestnet

vlan 900

aaa-profile guestnet

ssid-profile guestnet

Managing User Accounts

Temporary user accounts are created in the internal database on theMobility Master. You can create a user role which will allow a receptionist to create temporary user accounts. Guests can use the accounts to log into acaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.login page to gain Internet access.

Configuring Captive Portal Configuration Parameters

Table 1describes configuration parameters in the WebUICaptive PortalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.Authentication profile page.

In theCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions., you configure these options with theaaa authentication captive-portalcommands.

Table 1:Captive Portal Authentication Profile Parameters
Parameter	Description
Default Role	Role assigned to theCaptive PortalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.user upon login. When both user and guest logon are enabled, the default role applies to the user logon; users logging in using the guest interface are assigned the guest role. Default: guest
Default Guest Role	Role assigned to guest. Default: guest
Redirect Pause	Time, in seconds, that the system remains in the initial welcome page before redirecting the user to the final webURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.. If set to 0, the welcome page displays until the user clicks on the indicated link. Default: 10 seconds
User Login	EnablesCaptive PortalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.with authentication of user credentials. Default: Enabled
Guest Login	EnablesCaptive PortalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.logon without authentication. Default: Disabled
Logout popout window	Enables a pop-up window with the Logout link for the user to logout after logon. If this is disabled, the user remains logged in until the user timeout period has elapsed or the station reloads. Default: Enabled
Use HTTP for authentication	UseHTTPHypertext Transfer Protocol. The HTTP is an application protocol to transfer data over the web. The HTTP protocol defines how messages are formatted and transmitted, and the actions that the w servers and browsers should take in response to various commands.protocol on redirection to theCaptive PortalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.page. If you use this option, modify thecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.policy to allowHTTPHypertext Transfer Protocol. The HTTP is an application protocol to transfer data over the web. The HTTP protocol defines how messages are formatted and transmitted, and the actions that the w servers and browsers should take in response to various commands.traffic. Default: disabled (HTTPSHypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection.is used)
Logon wait minimum wait	Minimum time, in seconds, the user will have to wait for the logon page to pop up if theCPUCentral Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions.load is high. This works in conjunction with the Logon waitCPUCentral Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions.utilization threshold parameter. Default: 5 seconds
Logon wait maximum wait	Configure parameters for the logon wait interval Default: 10 seconds
Logon wait CPU utilization threshold	CPUCentral Processing Unit. A CPU is an electronic circuitry in a computer for processing instructions.utilization percentage above which the Logon wait interval is applied when presenting the user with the logon page. Default: 60%
Max Authentication failures	Maximum number of authentication failures before the user is blacklisted. Default: 0
Show FQDN	Allows the user to see and select theFQDNFully Qualified Domain Name. FQDN is a complete domain name that identifies a computer or host on the Internet.on the login page. The FQDNs shown are specified when configuring individual servers for the server group used withcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication. Default: Disabled
Authentication Protocol	Select thePAPPassword Authentication Protocol. PAP validates users by password. PAP does not encrypt passwords for transmission and is thus considered insecure.,CHAPChallenge Handshake Authentication Protocol. CHAP is an authentication scheme used by PPP servers to validate the identity of remote clients.orMS-CHAPv2Microsoft Challenge Handshake Authentication Protocol version 2. MS-CHAPv2 is an enhanced version of the MS-CHAP protocol that supports mutual authentication.authentication protocol. NOTE:Do not use theCHAPChallenge Handshake Authentication Protocol. CHAP is an authentication scheme used by PPP servers to validate the identity of remote clients.= option unless instructed to do so by anArubarepresentative.
Login Page	URLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.of the page that appears before logon. This can be set to anyURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.. Default:/cgi-bin/login?cmd=authenticateor/cgi-bin/login?cmd=login
Welcome Page	URLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.of the page that appears after logon and before redirection to the webURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.. This can be set to anyURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.. Default: /auth/welcome.html
Show Welcome Page	Displays the configured welcome page before the user is redirected to their originalURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.. If this option is disabled, users are redirected to the webURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.immediately after they log in. Default: Enabled
Proxy Server Configuration	To configure proxy details forcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication. NOTE:User cannot configure this setting.
Add switch IP address in redirection URL	Sends the IP address of themanaged devicein the redirectionURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.when externalcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.servers are used. An externalcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.server can determine themanaged devicesfrom which a request originated by parsing the ‘switchip’ variable in theURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.. Default: Disabled
Adding User VLAN in the redirection URL	Sends the userVLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN.ID in the redirectionURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.when externalcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.servers are used.
Adding AP's MAC address in redirection URL	AP'sMACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network.address is added in the redirectionURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.when externalcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.servers are used. Default: Disabled
Add a controller interface in the redirection URL	Sends the interface IP address of themanaged devicein the redirectionURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.when externalcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.servers are used. An externalcaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.server can determine themanaged devicesfrom which a request originated by parsing the ‘switchip’ variable in theURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet..
Allow only one active user session	Allows only one active user session at a time. Default: Disabled
White List	To add a netdestination to thecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.whitelist, enter the destination host orsubnetSubnet is the logical division of an IP network., then clickAdd.The netdestination will be added to the whitelist. To remove a netdestination from the whitelist, select it in the whitelist field, then clickDelete. If you have not yet defined a netdestination, use theCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commandnetdestinationto define a destination host orsubnetSubnet is the logical division of an IP network.before you add it to the whitelist. This parameter requires aPEFNGPolicy Enforcement Firewall. PEF also known as PEFNG provides context-based controls to enforce application-layer security and prioritization. The customers using Aruba mobility controllers can avail PEF features and services by obtaining a PEF license. PEF for VPN users—Customers with PEF for VPN license can apply firewall policies to the user traffic routed to a controller through a VPN tunnel.license.
Black List	To add a netdestination to thecaptive portalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.blacklist, enter the destination host orsubnetSubnet is the logical division of an IP network., then clickAdd. The netdestination will be added to the blacklist. To remove a netdestination from the blacklist, select it in the blacklist field, then clickDelete. If you have not yet defined a netdestination, use theCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commandnetdestinationto define a destination host orsubnetSubnet is the logical division of an IP network.before you add it to the blacklist.
Show Acceptable Use Policy Page	Show the acceptable use policy page before the logon page. Default: Disabled
User idle timeout	The user idle timeout value for this profile. Specify the idle timeout value for the client in seconds. Valid range is 30-15300 in multiples of 30 seconds. Enabling this option overrides the global settings configured in theAAAAuthentication, Authorization, and Accounting. AAA is a security framework to authenticate users, authorize the type of access based on user credentials, and record authentication events and information about the network access and network resource consumption.定时器。如果这是残疾,全局设置re used.
Redirect URL	URLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.to which an authenticated user will be directed. This parameter must be an absoluteURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.that begins with eitherhttp://orhttps://.
Bypass Apple and Android Captive Network Assistant	Enabling this knob will bypass AppleCNACaptive Network Assistant. CNA is a popup page shown when joining a network that has a captive portal.on iOS devices like iPad, iPhone, iPod and on Android devices. The user needs to performCaptive PortalA captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users.authentication from the browser.
URL Hash Key	If a redirectionURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.is defined, enter aURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.Hash Key to hash the redirectURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.using the specified key. This parameter enhances security for theClearPass GuestClearPass Guest is a configurable ClearPass application for secure visitor network access management.loginURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.so thatClearPass Policy ManagerClearPass Policy Manager is a baseline platform for policy management, AAA, profiling, network access control, and reporting. With ClearPass Policy Manager, the network administrators can configure and manage secure network access that accommodates requirements across multiple locations and multivendor networks, regardless of device ownership and connection method.can trust and ensure that the clientMACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network.address in the redirectURLUniform Resource Locator. URL is a global address used for locating web resources on the Internet.has not been tampered with by anyone. Default: Disabled.