Showing results for 
Search instead for 
Did you mean: 

Wing Captive Portal User Self-registration

Wing Captive Portal User Self-registration

New Contributor

Hello Community,


I read the documentation and another Zebra branded document. In my lab I had the setup working described in “CaptivePortal_Onboard_Self_Registration” where users enter their email address on the captive portal and are immediately authenticated / have internet access. However I cannot get a working configuration where users receive a password by email for captive portal authentication.

the setup is the following.

VX 9000 controller version

Access points are AP-7522, AP-7612 and AP-8432


Captive portal running on APs where users register with their email address. After registration they should receive a password for wifi login.



Users are redirected to the captive portal registration page. After users enter their email address and click the register button they are redirected to the login page, but don’t receive an email with a login password. I tested with the default captive portal html files provided by the controller.


Excerpt of running config

aaa-policy Guest-Self-Registration
authentication server 1 onboard centralized-controller
captive-portal Guest-Portal
access-type registration
access-time 10080
inactivity-timeout 86400
simultaneous-users 2
webpage internal login footer Please contact the front desk if you have not been issued a username and password.
use aaa-policy Guest-Self-Registration
no webpage internal registration field city enable
no webpage internal registration field street enable
no webpage internal registration field name enable
no webpage internal registration field zip enable
no webpage internal registration field via-sms enable
no webpage internal registration field mobile enable
no webpage internal registration field age-range enable
webpage internal registration field email type e-address enable mandatory label "Email" placeholder ""
no webpage internal registration field via-email enable
radius-group Guest-Self-Registration
policy vlan 200
radius-server-policy Testcorp-RADIUS-Policy
authentication data-source ldap ssid TestSSID01 precedence 1
authentication data-source local ssid Guest precedence 3
authentication data-source ldap fallback
authentication eap-auth-type peap-mschapv2
ldap-server primary host $LDAP-Config net-timeout 3
ldap-agent primary domain-name $LDAP-Config
use radius-group Guest-Self-Registration
use radius-group TestSSID01
guest-management TESTCORP-GM
email host sender security none
email subject Testcorp guest wifi password
email message Dear guest,CR-NLCR-NLyour password for Testcorp guest wifi is: GM_PASSCODECR-NLCR-NLbest regardsCR-NLTestcorp IT Department
profile vx9000 Tetscorp-VX9000
use radius-server-policy Testcorp-RADIUS-Policy
use guest-management TESTCORP-GM
use firewall-policy default
use auto-provisioning-policy NOC
use captive-portal server Guest-Portal
wlan Guest
ssid Guest
vlan 200
bridging-mode local
encryption-type none
authentication-type none
no answer-broadcast-probes
no client-client-communication
use wlan-qos-policy Guest
use captive-portal Guest-Portal
registration user group-name Guest-Self-Registration expiry-time 4320
use ip-access-list out BROADCAST-MULTICAST-CONTROL
use mac-access-list out PERMIT-ARP-AND-IPv4


The mongo db database is running on the controller.

vx9000-AABBCC*#show database status




localhost PRIMARY 17 sec


Authentication: Disabled Authentication User: None


I ran a debug log while trying to register to guest wifi. It looks like the controller receives a registration, but does not generate an email. After that the radius-policy kicks in and denies access.

vx9000-AABBCC*#remote-debug captive-portal rf-domain Testcorp-RF clients AA-BB-CC-11-22-33 events all
Printing upto 50 messages from each remote system for upto 60 seconds. Use Ctrl-C to abort
[ap7522-112233] 03:55:35.420: client:captive-portal registration req [HS_REG_REQ] received for AA-BB-CC-11-22-33 (extif.c:1380)
[ap7522-112233] 03:55:35.420: client:reg server[] proxy_mode[0] send_mode[0] reg req for AA-BB-CC-11-22-33 (extif.c:675)
[ap7522-112233] 03:55:35.420: client:user registration request/info sent to user-db (to adopter) (extif.c:704)
[ap7522-112233] 03:55:35.420: client:reg status [Successfully registered the user details] [1] for AA-BB-CC-11-22-33 (extif.c:1429)
[ap7522-112233] 03:55:35.420: client:sent guest registration response to cgi for AA-BB-CC-11-22-33 (extif.c:1435)
[ap7522-112233] 03:55:35.420: client:adding client AA-BB-CC-11-22-33 to hotspot user cache (usercache.c:339)
[ap7522-112233] 03:55:37.439: client:hotspot auth request received for AA-BB-CC-11-22-33 (extif.c:1314)
[ap7522-112233] 03:55:37.439: client:handle forwarded auth request message for client[AA-BB-CC-11-22-33:AA-BB-CC-11-22-33] (extif.c:517)
[ap7522-112233] 03:55:37.439: radius:aaa-policy Guest-Self-Registration user: AA-BB-CC-11-22-33 mac: AA-BB-CC-11-22-33 server_is_candidate: 1 0
[ap7522-112233] 03:55:37.440: radius:access-req sent to wireless controller to be proxied via its adopter centralized controller (if any) to 1
[ap7522-112233] 03:55:37.442: radius:rx access-reject for AA-BB-CC-11-22-33 (radius.c:3756)
[ap7522-112233] 03:55:37.442: client:Forwarding hs-auth-response to hsd with status Failure for AA-BB-CC-11-22-33 (extif.c:271)
[ap7522-112233] 03:55:37.442: client:hotspot authentication failed for client AA-BB-CC-11-22-33 (extif.c:1303)
[ap7522-112233] 03:55:48.748: client:Hotspot client IP: vlan :200 Mac:AA-BB-CC-11-22-33 (config.c:1427)
[ap7522-112233] 03:55:48.748: client:Found session [0x107688] for client AA-BB-CC-11-22-33 (hs_main.c:276)
[ap7522-112233] 03:55:48.748: client:Hotspot resolved IPv4: vlan :200 client: AA-BB-CC-11-22-33 (utils.c:88)
[ap7522-112233] 03:55:48.748: client:Hotspot client IP:, vlan :200, Mac: AA-BB-CC-11-22-33 (hs_main.c:2744)
[ap7522-112233] 03:55:48.748: client:Hotspot client AA-BB-CC-11-22-33 is being redirected on wlan 5 and vlan 200 (hs_main.c:2761)
[ap7522-112233] 03:55:48.748: client:read: client AA-BB-CC-11-22-33, num_bytes: 111, p_sess->buf: GET /connecttest.txt HTTP/1.1


Anybody has a similar setup working or an idea why it is not working as expected?

Thanks in advance