This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forÂ
- Extreme Networks
- Community List
- Wireless
- ExtremeWireless (WiNG)
- Captive Portal page can not redirection
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Captive Portal page can not redirection
Captive Portal page can not redirection
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
3 weeks ago
I want to set up the captive portal on the guest ssid I set up on the wireless controller in the test environment. I finished setting up the guest ssid. However, when I connected the guest ssid, the captive portal page is not redirection.
I'd like to configure a basic captive portal service, is there anything I missed in the configration?
nx5500-86C498#show running-config
!
! Configuration of NX5500 version 7.9.6.1-003R
!
!
version 2.7
!
!
client-identity-group default
load default-fingerprints
!
ip access-list BROADCAST-MULTICAST-CONTROL
permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic"
permit udp any eq 67 any eq dhcpc rule-precedence 11 rule-description "permit DHCP replies"
deny udp any range 137 138 any range 137 138 rule-precedence 20 rule-description "deny windows netbios"
deny ip any 224.0.0.0/4 rule-precedence 21 rule-description "deny IP multicast"
deny ip any host 255.255.255.255 rule-precedence 22 rule-description "deny IP local broadcast"
permit ip any any rule-precedence 100 rule-description "permit all IP traffic"
!
mac access-list PERMIT-ARP-AND-IPv4
permit any any type ip rule-precedence 10 rule-description "permit all IPv4 traffic"
permit any any type arp rule-precedence 20 rule-description "permit all ARP traffic"
!
ip snmp-access-list default
permit any
!
firewall-policy default
no ip dos tcp-sequence-past-window
!
!
mint-policy global-default
!
meshpoint-qos-policy default
!
wlan-qos-policy default
qos trust dscp
qos trust wmm
!
radio-qos-policy default
!
captive-portal captiveportal-test
access-type no-auth
server host guest.access.net
server mode centralized
webpage internal login main-logo use-as-banner
webpage-auto-upload
redirection ports 80
webpage internal registration field city type text enable label "City" placeholder "Enter City"
webpage internal registration field street type text enable label "Address" placeholder "123 Any Street"
webpage internal registration field name type text enable label "Full Name" placeholder "Enter First Name, Last Name"
webpage internal registration field zip type number enable label "Zip" placeholder "Zip"
webpage internal registration field via-sms type checkbox enable title "SMS Preferred"
webpage internal registration field mobile type number enable label "Mobile" placeholder "Mobile Number with Country code"
webpage internal registration field age-range type dropdown-menu enable label "Age Range" title "Age Range"
webpage internal registration field email type e-address enable mandatory label "Email" placeholder "you@domain.com"
webpage internal registration field via-email type checkbox enable title "Email Preferred"
!
wlan Harim-Holdings-MD-24G
ssid Harim-Holdings-MD-2.4G
vlan 220
bridging-mode local
encryption-type none
authentication-type none
!
wlan Harim-Holdings-MD-5G
ssid Harim-Holdings-MD-5G
vlan 220
bridging-mode local
encryption-type none
authentication-type none
!
wlan Harim-Holdings-MD-Guest
ssid Harim-Holdings-MD-Guest
vlan 980
bridging-mode local
encryption-type none
authentication-type none
use captive-portal captiveportal-test
captive-portal-enforcement
!
wlan Harim-Holdings-PG-24G
ssid Harim-Holdings-PG-2.4G
vlan 4
bridging-mode local
encryption-type none
authentication-type none
!
wlan Harim-Holdings-PG-5G
ssid Harim-Holdings-PG-5G
vlan 4
bridging-mode local
encryption-type none
authentication-type none
!
wlan Harim-Holdings-PG-Guest
ssid Harim-Holdings-PG-Guest
vlan 1980
bridging-mode local
encryption-type none
authentication-type none
!
wlan Harim-Holdings-SS-24G
ssid Harim-Holdings-SS-2.4G
vlan 2200
bridging-mode local
encryption-type none
authentication-type none
!
wlan Harim-Holdings-SS-5G
ssid Harim-Holdings-SS-5G
vlan 2200
bridging-mode local
encryption-type none
authentication-type none
!
wlan Harim-Holdings-SS-Guest
ssid Harim-Holdings-SS-Guest
vlan 2530
bridging-mode local
encryption-type none
authentication-type none
!
!
management-policy default
no telnet
no http server
nova
flash-ui
https server
rest-server
ssh
ssh enable-weak-mac-algo 1
user admin password 1 0aa700fedf5e576d8bb29d9d6a21d5d926ec199e5db4175bb3b7074d2d534dc5 role superuser access all
snmp-server community 0 private rw
snmp-server community 0 public ro
snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
!
ex3500-management-policy default
snmp-server community public ro
snmp-server community private rw
snmp-server notify-filter 1 remote 127.0.0.1
snmp-server view defaultview 1 included
!
ex3500-qos-class-map-policy default
!
ex3500-qos-policy-map default
!
profile nx5500 default-nx5500
no autoinstall configuration
no autoinstall firmware
no device-upgrade auto
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface ge1
interface ge2
interface ge3
interface ge4
interface ge5
interface ge6
interface pppoe1
use firewall-policy default
service pm sys-restart
router ospf
router bgp
adoption-mode controller
!
profile rfs4000 default-rfs4000
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto remote-vpn-client
interface radio1
interface radio2
interface up1
interface ge1
interface ge2
interface ge3
interface ge4
interface ge5
interface wwan1
interface pppoe1
use firewall-policy default
use client-identity-group default
logging on
service pm sys-restart
router ospf
router bgp
adoption-mode controller
!
profile ap410c Harim-Holdings-MD-AP410c
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
wlan Harim-Holdings-MD-24G bss 1 primary
wlan Harim-Holdings-MD-Guest bss 2 primary
mu-mimo
interface radio2
wlan Harim-Holdings-MD-5G bss 1 primary
wlan Harim-Holdings-MD-Guest bss 2 primary
mu-mimo
interface radio3
shutdown
interface bluetooth1
shutdown
mode le-sensor
interface ge1
switchport mode trunk
switchport trunk allowed vlan 1,220,980
interface ge2
interface vlan1
interface pppoe1
interface usb0
use firewall-policy default
use captive-portal server captiveportal-test
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap410 Harim-Holdings-MD-AP410i
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
wlan Harim-Holdings-MD-24G bss 1 primary
wlan Harim-Holdings-MD-Guest bss 2 primary
mu-mimo
interface radio2
wlan Harim-Holdings-MD-5G bss 1 primary
wlan Harim-Holdings-MD-Guest bss 2 primary
mu-mimo
interface radio3
shutdown
interface bluetooth1
shutdown
mode le-sensor
interface ge1
switchport mode trunk
switchport trunk allowed vlan 1,220,980
interface ge2
interface vlan1
interface pppoe1
interface usb0
use firewall-policy default
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap410c Harim-Holdings-PG-AP410c
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
wlan Harim-Holdings-PG-24G bss 1 primary
wlan Harim-Holdings-PG-Guest bss 2 primary
mu-mimo
interface radio2
wlan Harim-Holdings-PG-5G bss 1 primary
wlan Harim-Holdings-PG-Guest bss 2 primary
mu-mimo
interface radio3
shutdown
interface bluetooth1
shutdown
mode le-sensor
interface ge1
switchport mode trunk
switchport trunk allowed vlan 1,4,1980
interface ge2
interface vlan1
interface pppoe1
interface usb0
use firewall-policy default
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap410 Harim-Holdings-PG-AP410i
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
wlan Harim-Holdings-PG-24G bss 1 primary
wlan Harim-Holdings-PG-Guest bss 2 primary
interface radio2
wlan Harim-Holdings-PG-5G bss 1 primary
wlan Harim-Holdings-PG-Guest bss 2 primary
mu-mimo
interface radio3
shutdown
interface bluetooth1
shutdown
mode le-sensor
interface ge1
switchport mode trunk
switchport trunk allowed vlan 1,4,1980
interface ge2
interface vlan1
interface pppoe1
interface usb0
use firewall-policy default
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap410c Harim-Holdings-SS-AP410c
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
wlan Harim-Holdings-SS-24G bss 1 primary
wlan Harim-Holdings-SS-Guest bss 2 primary
mu-mimo
interface radio2
wlan Harim-Holdings-SS-5G bss 1 primary
wlan Harim-Holdings-SS-Guest bss 2 primary
mu-mimo
interface radio3
shutdown
interface bluetooth1
shutdown
mode le-sensor
interface ge1
switchport mode trunk
switchport trunk allowed vlan 1,2200,2530
interface ge2
interface vlan1
interface pppoe1
interface usb0
use firewall-policy default
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap410 Harim-Holdings-SS-AP410i
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
wlan Harim-Holdings-SS-24G bss 1 primary
wlan Harim-Holdings-SS-Guest bss 2 primary
mu-mimo
interface radio2
wlan Harim-Holdings-SS-5G bss 1 primary
wlan Harim-Holdings-SS-Guest bss 2 primary
mu-mimo
interface radio3
shutdown
interface bluetooth1
shutdown
mode le-sensor
interface ge1
switchport mode trunk
switchport trunk allowed vlan 1,2200,2530
interface ge2
interface vlan1
interface pppoe1
interface usb0
use firewall-policy default
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap410 default-ap410
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
interface radio2
interface radio3
interface bluetooth1
shutdown
mode le-sensor
interface ge1
interface ge2
interface pppoe1
interface usb0
use firewall-policy default
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap410c default-ap410c
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
interface radio2
interface radio3
interface bluetooth1
shutdown
mode le-sensor
interface ge1
interface ge2
interface pppoe1
interface usb0
use firewall-policy default
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap82xx default-ap82xx
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto remote-vpn-client
interface radio1
interface radio2
interface radio3
interface ge1
interface ge2
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface wwan1
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap81xx default-ap81xx
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto remote-vpn-client
interface radio1
interface radio2
interface radio3
interface bluetooth1
shutdown
mode bt-sensor
interface ge1
interface ge2
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface wwan1
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap7522 default-ap7522
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
transmit-beamforming
interface radio2
interface ge1
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface pppoe1
use firewall-policy default
use client-identity-group default
enforce-version adoption none
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap7532 default-ap7532
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
interface radio2
interface ge1
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface pppoe1
use firewall-policy default
use client-identity-group default
enforce-version adoption none
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap7562 default-ap7562
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
placement outdoor
interface radio2
placement outdoor
interface ge1
interface ge2
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
router ospf
adoption-mode controller
!
profile ap7502 default-ap7502
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
interface radio2
interface ge1
interface fe1
interface fe2
interface fe3
no power
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
adoption-mode controller
!
profile ap71xx default-ap71xx
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto remote-vpn-client
interface radio1
interface radio2
interface radio3
interface ge1
interface ge2
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface wwan1
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
adoption-mode controller
!
profile ap6532 default-ap6532
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
interface radio2
interface ge1
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
adoption-mode controller
!
profile ap650 default-ap650
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
interface radio2
interface ge1
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
adoption-mode controller
!
profile ap6521 default-ap6521
autoinstall configuration
autoinstall firmware
interface radio1
interface ge1
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
adoption-mode controller
!
profile ap621 default-ap621
autoinstall configuration
autoinstall firmware
interface radio1
interface ge1
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
use firewall-policy default
use client-identity-group default
service pm sys-restart
adoption-mode controller
!
profile ap6511 default-ap6511
autoinstall configuration
autoinstall firmware
interface radio1
interface up1
interface fe1
interface fe2
interface fe3
interface fe4
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
adoption-mode controller
!
profile ap6562 default-ap6562
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
placement outdoor
interface radio2
placement outdoor
interface ge1
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
adoption-mode controller
!
profile ap6522 default-ap6522
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
interface radio2
interface ge1
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
interface pppoe1
use firewall-policy default
use client-identity-group default
service pm sys-restart
adoption-mode controller
!
profile ap622 default-ap622
autoinstall configuration
autoinstall firmware
crypto ikev1 policy ikev1-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ikev2 policy ikev2-default
isakmp-proposal default encryption aes-256 group 2 hash sha
crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
crypto ikev1 remote-vpn
crypto ikev2 remote-vpn
crypto auto-ipsec-secure
crypto load-management
crypto remote-vpn-client
interface radio1
interface radio2
interface ge1
interface vlan1
ip address dhcp
ip address zeroconf secondary
ip dhcp client request options all
use firewall-policy default
use client-identity-group default
service pm sys-restart
adoption-mode controller
!
rf-domain HH-Madong
location HH-madong
timezone Asia/Seoul
country-code kr
ad-wips-wireless-mitigation disable
ad-wips-wired-mitigation disable
!
rf-domain HH-Pangyo
location HH-pangyo
timezone Asia/Seoul
country-code kr
ad-wips-wireless-mitigation disable
ad-wips-wired-mitigation disable
!
rf-domain HH-Sinsa
location HH-sinsa
timezone Asia/Seoul
country-code kr
ad-wips-wireless-mitigation disable
ad-wips-wired-mitigation disable
!
rf-domain default
no country-code
ad-wips-wireless-mitigation disable
ad-wips-wired-mitigation disable
!
nx5500 40-83-DE-86-C4-98
use profile default-nx5500
use rf-domain default
hostname nx5500-86C498
license AAP e1b0e7a6e59eb47dc42786f441bfe47150fafc9b847a1c19130732ce9c14e1cb21ded0e5d20f77bb
license ADSEC DEFAULT-ADV-SEC-LICENSE
ip default-gateway 172.26.13.1
interface vlan1
ip address 172.26.13.10/24
interface vlan980
logging on
logging console warnings
logging buffered warnings
adoption-mode controller
!
ap410c 18-49-F8-18-51-80
use profile Harim-Holdings-MD-AP410c
use rf-domain HH-Madong
hostname HH-MD-1F-AP-1
ip default-gateway 172.26.12.1
interface vlan1
ip address 172.26.12.10/24
use captive-portal server captiveportal-test
controller host 172.26.13.10
!
ap410 24-1F-BD-DB-53-0C
use profile Harim-Holdings-SS-AP410i
use rf-domain HH-Sinsa
hostname HH-SS-1F-AP-1
ip default-gateway 172.26.202.1
interface vlan1
ip address 172.26.202.10/24
controller host 172.26.13.10
!
ap410 24-1F-BD-DB-53-8A
use profile Harim-Holdings-PG-AP410i
use rf-domain HH-Pangyo
hostname HH-PG-1F-AP-1
ip default-gateway 172.26.102.1
interface vlan1
ip address 172.26.102.10/24
controller host 172.26.13.10
!
!
end
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
3 weeks ago
Your captive portal should run in server mode "centralized controller".
Then you have to map the captive portal to your controller and not to one specific access point.
Furhermore your controller needs to have an IP address in the captive portal VLAN (980), because the NX5500 will "play" webserver for the necessary captive portal webpages.
If you like to have each AP running the captive portal, you have to use the captive portal mode "Internal (Self).
But then each AP needs to have an IP address in VLAN 980.
Therefore, centralized controller will be the easiest.
Please have a look into the attachement.
It will explain the captive portal in WiNG in detail.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
3 weeks ago
I checked the attached PDF, and I saw the section about configuring captive portal in "centralized controller" server mode.
But my current test environment seems to be different from the example in the PDF.
Right now, I only have a wireless controller, switches, and APs in the lab.
There is no separate authentication server, DNS server, or web server for the captive portal page.
In this kind of setup, is it still possible to configure captive portal in "centralized controller" server mode?
My goal is that when a user connects to the guest SSID, they should be redirected to the captive portal web page.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
3 weeks ago
Yes, this is possible.
1. The webserver for the captive portal webpages is your controller. Therefore, the controller must have an IP address in VLAN 980.
2. The authentication server is your controller (again). You have to configure all the radius server details as described in the PDF file.
3. You must have a DNS server available in your network. The controller will not do so.
There is no need to add a DNS alias to the DNS server to resolve the captive portal alias.
The firewall in the controller will "intercept" the DNS request to the captive portal webserver alias and answer on behalf of the DNS server with the IP address of VLAN 980 from the controller. But before your client will send any DNS request, it will send an ARP request to the DNS server IP address. If there is no answer (ARP reply) to the ARP request, the client will never send any DNS request, therefore you must have a DNS server which is reachable...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
2 weeks ago
Hello,
Based on your previous reply, I realized that there was no DNS server in my test environment, so I configured the switch to allow the test WLAN to reach the external Internet.
The switch is acting as the DHCP server, and I configured it to hand out the IP address of a DNS server located on the external network.
You mentioned that the controller firewall intercepts DNS requests for the captive portal webserver alias.
Is this something that needs to be configured under the firewall settings in WiNG Manager?
I checked the guide, but I could not find any firewall-related configuration there.
