ExtremeCloud IQ- Site Engine & Extreme Management Center

  • 1.  Captive portal / Notification portal for everyone !

    Posted 04-13-2017 16:38
    I have couple situations when i need to configure Captive Portal not only for unregistered profile.
    For example for substitute of two phase authentication, when already authenticated user need additional authentication/authorisation to proof his rights or elevate it.
    Why couldn't i set checkbox on any rule to enable captive portal ? Maybe even with relevance ? Maybe even with checking whole two phase process ?:)
    As far as i see only unregistered users can do that [see captive].

    Also for notification would be nice if any user could see health verdict via website.

  • 2.  RE: Captive portal / Notification portal for everyone !

    Posted 04-15-2017 13:41
    I've never done it, but have you looked at the ExtremeWireless Integration Guide for setting up a captive portal?

    From the RADIUS side, there is an attribute you can send to indicate the captive portal is needed:
    Login-LAT-Port If you have ExtremeWireless Wireless Controllers on your network, the Login-LAT-Port is an attribute returned in the default RADIUS response. The Login-LAT-Port value is used by the controller to determine whether the authentication is fully authorized. A value of "1" indicates the authentication is authorized, where a value of "0" indicates that authorization is not complete. The value of "0" is used by the controller to determine that additional authentication is required and is a signal for the controller to engage its external captive portal and use HTTP redirection to force HTTP traffic from the end-system to the defined Extreme Access Control engine. This is used in conjunction with the Registration and Assessment features of NAC Manager.