How does WiNG Captive Portal (RADIUS) authentication work with locally bridged (self) mode and external captive portal web pages?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎02-02-2017 06:57 PM
I'm operating a WiNG wireless controller to manage remote APs. I'm attempting to setup external captive portal pages, and in order to have the APs handle the captive portal capture and redirection process (and RADIUS authentication) without tunneling traffic through the controller.
So far, the setup works as expected, clients are getting redirected to the proper captive portal page by the AP.
The first question is, once the external pages perform their auth processes,
1) How does the authentication form submission work on the AP (or does it) in this configuration?
I'm currently testing form submission (POST) with these two endpoints:
https://1.1.1.1:444/cgi-bin/hslogin.cgi
http://1.1.1.1:880/cgi-bin/hslogin.cgi
and these parameters:
f_user =
f_pass =
f_Qv =
f_hs_server = 1.1.1.1
2) Is the script at 1.1.1.1 served by the AP, or is that supposed to supposed to be the controller?
3) Can I post to 880 when in http redirection mode and https mode or at all?
So far, the setup works as expected, clients are getting redirected to the proper captive portal page by the AP.
The first question is, once the external pages perform their auth processes,
1) How does the authentication form submission work on the AP (or does it) in this configuration?
I'm currently testing form submission (POST) with these two endpoints:
https://1.1.1.1:444/cgi-bin/hslogin.cgi
http://1.1.1.1:880/cgi-bin/hslogin.cgi
and these parameters:
f_user =
f_pass =
f_Qv =
f_hs_server = 1.1.1.1
2) Is the script at 1.1.1.1 served by the AP, or is that supposed to supposed to be the controller?
3) Can I post to 880 when in http redirection mode and https mode or at all?
17 REPLIES 17
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-18-2018 06:28 PM
Thanks! You helped me a lot understanding the situation!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-18-2018 05:38 PM
I'm using Centralized Controller mode.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-18-2018 05:35 PM
What mode are you using for the Captive Portal:
Internal(self)
Centralized
or Centralized Controller
see notes above.
Internal(self)
Centralized
or Centralized Controller
see notes above.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-18-2018 05:27 PM
Thanks for your answer, Jeff.
In the case we have an AP managed by a controller, what would be 1.1.1.1?
Thanks in advance.
In the case we have an AP managed by a controller, what would be 1.1.1.1?
Thanks in advance.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎01-18-2018 05:21 PM
The AP has a web server in 'self' mode that serves an unencrypted page to accept authentication requests at 1.1.1.1 over port 880. SSL requests would happen over port 444. I can't speak to the details of the web server on the AP that handles redirects to external captive portal pages.
