This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Network Management & Authentication
- ExtremeCloud IQ
- Guest Access Workflow Question - Temp Access?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Guest Access Workflow Question - Temp Access?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-12-2021 02:16 PM
We recently made the jump to Extreme/Aerohive, but held off on rolling out Guest access because the building is closed to outsiders due to Covid. I still need to get Guest access working 100%.
Right now what I have comes straight from the Aerohive/Extreme docs:
-Guest connects to “Guest-Registration” SSID
-Fills out form (name, email, phone)
-dropped from “Guest-Registration” SSID
-Email sent with PPSK and the SSID to connect to
-Guest connects to the SSID provided in the email with the provided PPSK
All that works fine and was easy to setup (thank you Aerohive/Extreme!).
My question...how can I allow the Guest to stay connected to the “Guest-Registration” for up to 15 minutes (with unrestricted access) so they can actually go and check their email to get the email with their guest credentials?
Thanks!
+++Jeff
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-24-2021 12:50 PM
Hi Jeff,
Have you looked into the Extreme Guest application that’s included with XIQ Pilot licencing? This has a more customisability, including the option to add a walled garden. Users can still get their own individual keys that are sent out via email/text as with a PPSK, just that it’s in a separate section of XIQ. An additional benefit (in my opinion) is that the registration SSID and the actual guest SSID are the same, therefore, there’s no need to switch between the two.
Flow: Connect to Guest-SSID > splash page displayed > user enters details such as name, email, phone etc [optionally they can also add a “sponsor”, so they’d have to enter someone’s email of a certain domain (i.e. your own) to get approved access] > user gets credentials sent through email/text > user enters the details on the login section of the splash page
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-24-2021 12:50 PM
Hi Jeff,
Have you looked into the Extreme Guest application that’s included with XIQ Pilot licencing? This has a more customisability, including the option to add a walled garden. Users can still get their own individual keys that are sent out via email/text as with a PPSK, just that it’s in a separate section of XIQ. An additional benefit (in my opinion) is that the registration SSID and the actual guest SSID are the same, therefore, there’s no need to switch between the two.
Flow: Connect to Guest-SSID > splash page displayed > user enters details such as name, email, phone etc [optionally they can also add a “sponsor”, so they’d have to enter someone’s email of a certain domain (i.e. your own) to get approved access] > user gets credentials sent through email/text > user enters the details on the login section of the splash page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-23-2021 05:02 AM
My apologies for the delayed response.
So you’re saying Extreme/HiveManager does not have this capability yet? I’m frustrated because to me it seems so basic that it would be crazy not to have. I know factually that other top competitors of Extreme have it because I’ve implemented it.
In my thinking and reasoning, the following come to mind:
-what’s stopping someone from giving us a phony email address?
-with an invalid email address, how does someone like me reach out to the user for any of a laundry list of reasons?
-if they’re the type that gives phony email addresses, what’s stopping them from doing other dishonest actions if I let them on the network? It’s kind of a slippery slope quickly.
-what about the people who don’t txt or pay-per-text?? They are still out there, I was actually one until very recently because I keep my cell bill impressively low. I legitimately have visitors who are older that do not txt.
If I’m stuck going to my Extreme Account Exec and my Extreme Systems Engineer I will, but there are no words to express my frustration that Extreme lacks this basic capability for securing my guest network.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
02-12-2021 03:19 PM
Hi Jeff, so glad to hear the guest registration set up was easy! To answer your question, we would usually be able to create a walled garden to allow access to certain sites (such as email) prior to completing sign-on, but I set this up in my lab real quick and it doesn’t look like that we have the option to set up a walled garden with the self registration captive web portal (CWP).
Some possible alternatives: When guests register with the self registration email, their new credentials will be displayed on the device they registered with, so they could take a screen shot or write it down real quick and then go to the registration SSID, without needing to access their email.
There is also the option of delivering PPSK self registration credentials via a text message to the guests phone (you’d set this up in the user group settings).
If you’d like to request that we add in the ability to create a walled garden to self registration CWPs, I’d encourage you to contact your sales engineer (SE) to file a feature request. If you’re not sure who to contact for your SE, please let me know where you are located and I will find you a local SE to speak to.
