Header Only - DO NOT REMOVE - Extreme Networks

How to redirect wireless user to landing page via NAC?


Userlevel 3
Hi,
we need a landing page and guest portal for users who do not use our own productive SSID.

Does somewhere exist a guide about (1) redirecting wifi-users to a NAC guest portal and/or (2) redirecting users to a landing page on a NAC where User presses a button and gets redirected to an external webserver URL?

I experimented with EWC/Wireless Service/Auth&Acct Mode: External. I addded two NACs there and activated MAC Auth. But I am unsure about all the options there (Buttons "Configure") and what to configure on the NAC.

Up to now the clients gets a role from EWC, which allows them to HTTP/HTTPS to the topologies L3-interface, the webserver to which they shall be redirected, DHCP, ARP and DNS.

When a client connects and tries to open a url, a message "internal error" appears.

4 replies

Userlevel 4
Hello,
Can you clarify what you mean by this… “We need a landing page and guest portal for users who do not use our own productive SSID”?

Also, redirecting users to a landing page on a NAC where the user presses a button and gets redirected to an external webserver is not common and does not sound applicable to a user registering through NAC. I'm not sure this is something we could easily configure other than just editing the portal configuration and placing an HTTP weblink in the Landing age…is that what you are asking for? What is the NAC-related reason to do this?

There may be some wireless knowledge-base articles on configuring the wireless controller for web redirect, but this is not configured on the NAC.

https://gtacknowledge.extremenetworks.com/

I can check with the GTAC’s wireless group on that as well.

Troubleshooting-wise, it may be best to contact the GTAC since the error you are seeing could be due to a number of reasons.





Scott Keene

Extreme GTAC
Userlevel 3
Landing page (welcome) SSID:
It is like captive splash directly on EWC. This SSID is open to everyone. But when user tries to open a Website like google, he is redirected to EWC where here reads a text, presses accept and gets then redirected to a certain webpage of ours. (Everything else is blocked by role/policy) Unfortunately the EWC captive splash portal is not really readable on smartphones.

In this thread ( https://community.extremenetworks.com/extreme/topics/identifi-captive-portal-design ) two solutions were presented: either use a NAC portal or try to work with .js or .css from another server. I want to go for the NAC solution.

It is very likely, that the error I see is the result of an uncomplete configuration. Thats why I try to find a guide which connects NAC and EWC before opening a case on GTAC.

I found this KB entry:
https://gtacknowledge.extremenetworks.com/articles/Solution/Wireless-users-do-not-get-redirected-thr...
I hadn't done this before, I configured this right now on the welcome-SSID but can test the result not until tomorrow because I am currently remote from office.
Userlevel 4
You can create a new NAC VNS unde the new VNS Wizard. This will create all of your roles, NAC servers and redirects. You will just have to make the necessary changes to the Roles.
Userlevel 3
Test was successful. The "internal errror" was probably the result of missing "Redirection URL" in WLAN Service / Auth&Acct / Mode Configure / Redirection URL.

The client sees now a portal from NAC. My next step will be having to look at the different portal types. "Guest Web Access" seems to be suitable for our welcome info SSID.

Reply