This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

L7 ROLE versio 10.21.01

L7 ROLE versio 10.21.01

Luis_Mendes
Contributor

‎02-27-2017 06:53 PM

I using L7 roles to authenticate. I created a portal (external portal) to authenticate using GMAIL, WINDOWS (OUTLOOK), OR FACEBOOK login to authenticate.

Create rules L7 with these networks and only facebook not work. The customer authenticate with anothers networks.

I need create L7 rules with permit FACEBOOK, GMAIL. But only gmail Works. Any idea, i use ap 3705 and version 10.21.01

0 Kudos
14 REPLIES 14

Ronald_Dvorak
Honored Contributor

‎02-28-2017 01:44 PM

I've done ECP only with NAC but I think it's the same principle for internal/external which is you get only redirected to the portal if a deny rule is hit in the the unauthenticate role.

As a example take a look right here...
https://community.extremenetworks.com/extreme/topics/how-to-identifi-wireless-appliances-guest-porta...

If I unterstand that correctly that would mean that you'd need to deny mail, facebook so that clients get redirected to the portal if they use mail, facebook - right ?! *confused*
0 Kudos

Alexandr_P
Valued Contributor

‎02-28-2017 05:55 AM

Hello, Luis!

What solution you use for external portal to authenticate using GMAIL, WINDOWS (OUTLOOK), OR FACEBOOK login to authenticate?

Can you share your solution?
It's just interesting you experience.

Thank you!
0 Kudos

Ronald_Dvorak
Honored Contributor

‎02-27-2017 10:19 PM

Works for me - bridge@EWC, V10.21.02, AP3705i, in my case I've blocked traffic as that was easier to test.

Note: it took some minutes before the traffic was blocked so I'm not sure whether I've done something wrong or whether there is some sync happening until it's active.

59274111038a4d738c97d92a1d5bfb87_RackMultipart20170227-104265-14ajfxa-EWC_L7_inline.png



Have you enabled application visibility on the WLAN service ?

Back to the overall goal...I'm not sure whether I unterstand the setup..
the WLAN service is set to authentication for external captive portal and the screenshot show the unauthenticated traffic role ?
And then in case someone uses facebook, mail it should redirect to the portal and the user needs to authenticate on the portal ?
0 Kudos

Luis_Mendes
Contributor
In response to Ronald_Dvorak

‎02-27-2017 10:19 PM

Yes, application visibility is enable.
The screenshot show unauthenticated traffic.
Yes, mail, or google redirect because this traffic pass...
On facebook customer will be review the config of facebook portal and i will update you...
0 Kudos
GTM-P2G8KFN