Captive portal / Notification portal for everyone !

Userlevel 2
I have couple situations when i need to configure Captive Portal not only for unregistered profile.
For example for substitute of two phase authentication, when already authenticated user need additional authentication/authorisation to proof his rights or elevate it.
Why couldn't i set checkbox on any rule to enable captive portal ? Maybe even with relevance ? Maybe even with checking whole two phase process ?:)
As far as i see only unregistered users can do that [see captive].

Also for notification would be nice if any user could see health verdict via website.

1 reply

I've never done it, but have you looked at the ExtremeWireless Integration Guide for setting up a captive portal?

From the RADIUS side, there is an attribute you can send to indicate the captive portal is needed:

Login-LAT-Port If you have ExtremeWireless Wireless Controllers on your network, the Login-LAT-Port is an attribute returned in the default RADIUS response. The Login-LAT-Port value is used by the controller to determine whether the authentication is fully authorized. A value of "1" indicates the authentication is authorized, where a value of "0" indicates that authorization is not complete. The value of "0" is used by the controller to determine that additional authentication is required and is a signal for the controller to engage its external captive portal and use HTTP redirection to force HTTP traffic from the end-system to the defined Extreme Access Control engine. This is used in conjunction with the Registration and Assessment features of NAC Manager.