Header Only - DO NOT REMOVE - Extreme Networks

Wing Captive Portal - Client Access Time and Centralized Controller Mode


Userlevel 1
Hi All,

I'm struggling to get our guest captive portal to work just like we intend it to, if you can please assist.

Client time:

The first issue I have is the client time, we pre-register the guest in the radius guest user pool with an intended expiration time, usually a few hours but on successful authentication the client always gets 24 hours (shown in the successful splash screen)

It seems it's taking the value from the captive portal policy Client Access Time "1440" minutes instead of the allocated time in the user's registration.

The tooltip for that field says the value to use if there's no session time value in the radius response field, but I can't seem to find anywhere to configure or check this.

I thought at first this was due to using the "self" mode to present the splash screen, but I'm using centralized mode and pointing it to the controller but it's doing the same. TAC told me to enable radius accounting as well but this doesn't seem to help either.

Server mode:

Not sure how to implement this in a optimal way

Self - Need the logos manually copied over to flash for each ap, which is not very good

Centralized - Probably intended to external host under a load balancer or redundancy of some sort since it only allows you to add a single host

Centralized Controller - This seems the right option but it asks for a host instead of giving me the option to choose the cluster itself which is what I need, otherwise is just like the option above. I need the client redirect to go to whichever controller is active in case of an outage but the controllers are in different subnets and you don't have a cluster virtual ip mechanism that's not lan dependant.

Thanks in advance,
Bruno

1 reply

Userlevel 3
The default 24 hours will be set if the radius session time is missing, GTAC was correct to ask you to enable radius accounting please confirm that the radius configuration is similar to the below config

aaa-policy INTERNAL-AAA
authentication server 1 onboard controller
accounting server 1 onboard controller
accounting type start-interim-stop
accounting interim interval 60

Now to your Sever mode Question.

as your aps are locally bridge, the correct option is Self, Centralized and Centralized Controller both require the data to be tunneled to the controller fo it act as the CP enforcement. custom pages then can be uploaded automatically on adoption

select Captive_portal_webpage_advanced

Web Page Auto Upload

The Advanced source option allows administrators to upload customized login, welcome, fail and agreement pages into the WiNG 5 devices performing the capture and redirection. The Advanced source option must be selected when customized pages are being hosted on a WiNG 5 device. Using the Internal option and uploading customized pages will result in the customized pages over-written.
Customized pages are typically based on the default system generated pages automatically created when the default Internal source option is selected. The system generated pages are downloaded from a WiNG 5 device to a TFTP or FTP server where they are modified using a standard HTML editor. The customized pages along with logos and other files are then uploaded onto one or more WiNG 5 devices.
In WiNG 5 customized pages can be simultaneously uploaded to multiple Access Points using the captive-portal-page-upload command. This command allows customized pages and images had to be quickly distributed to multiple Dependent / Independent Access Points across multiple sites. The customized content is zipped into a TAR archive and then distributed.

Reply