Captive portal / Notification portal for everyone !

  • 1
  • Idea
  • Updated 2 years ago
I have couple situations when i need to configure Captive Portal not only for unregistered profile.
For example for substitute of two phase authentication, when already authenticated user need additional authentication/authorisation to proof his rights or elevate it.
Why couldn't i set checkbox on any rule to enable captive portal ? Maybe even with relevance ? Maybe even with checking whole two phase process ?:)
As far as i see only unregistered users can do that [see captive]. 

Also for notification would be nice if any user could see health verdict via website. 
Photo of Tomasz Lubas

Tomasz Lubas

  • 534 Points 500 badge 2x thumb

Posted 2 years ago

  • 1
Photo of James A

James A, Embassador

  • 7,492 Points 5k badge 2x thumb
I've never done it, but have you looked at the ExtremeWireless Integration Guide for setting up a captive portal?

From the RADIUS side, there is an attribute you can send to indicate the captive portal is needed:
Login-LAT-Port If you have ExtremeWireless Wireless Controllers on your network, the Login-LAT-Port is an attribute returned in the default RADIUS response. The Login-LAT-Port value is used by the controller to determine whether the authentication is fully authorized. A value of "1" indicates the authentication is authorized, where a value of "0" indicates that authorization is not complete. The value of "0" is used by the controller to determine that additional authentication is required and is a signal for the controller to engage its external captive portal and use HTTP redirection to force HTTP traffic from the end-system to the defined Extreme Access Control engine. This is used in conjunction with the Registration and Assessment features of NAC Manager.