DescriptionConfigure Captive Portal Pass-through
ScopeKB Article Type: Configuration
RELATED PRODUCTS: controller
RELATED SOFTWARE VERSIONS: N/A
KEYWORDS: controller, captive portal, security, Pass-through
SolutionCaptive Portal allows guest users to access the network under certain
conditions. In addition, you can customize the welcome (splash) page.
The authentication can be performed with the RADIUS server or by setting
up Guest User IDs for security. Not all users need to be authorized and
authenticated by the Captive Portal; users of VPN software can pass
through the portal.
CONFIGURATION STEPS:
To enable the pass-through firewall filter ID, follow these steps:
GUI Steps:
Step 1 : Click "Configuration" tab >> "Security" >> "Profile".
Step 2 : Create a "Security profile" with “L2 modes allowed” as "Clear” and also enable captive portal by selecting “WebAuth”
Step
3 : Set the “Allow mentioned IP/Subnet to pass through Captive portal”
field by entering an IP address for VPN/IPSec filtering/pass-through.
When users log in to VPN, the browser-based Captive Portal login page is
bypassed.
Step 4 : Set the “Subnet Mask for allowed IP/Subnet to
pass through Captive portal” field by entering the subnet mask for the
pass-through IP address.
Step 5 : Create a new "ESS profile" and map the ESS profile to the above created security profile.
CLI Steps:
To Configure the Security and ESS profile:
MeruController1# configure terminal
MeruController1(config)# security-profile <security profile name>
MeruController1(config-security)# allowed-l2-modes clear
MeruController1(config-security)# captive-portal webauth
MeruController1(config-security)#captive-portal-passthru
<ip_addr subnet_mask of the network that needs to pass thru without
captive-portal authentication>
MeruController1(config-security)# exit
MeruController1(config)# essid <ess profile name>
MeruController1(config-essid)# security-profile <security profile name>
MeruController1(config-essid)# exit
