Types of captive portal

Cloud Network Manager supports the following types of Captive portal authentication:

Internal Captive portal — An internal server is used for hosting the captive portal service. It supports the following types of authentication:

n Internal Authenticated — When Internal Authenticated is enabled, a guest user who is pre-provisioned in the user database has to provide authentication details.

n Internal Acknowledged —When Internal Acknowledged is enabled, a guest user has to accept the terms and conditions to access the internet.

External Captive portal— For external Captive portal authentication, an external portal on the cloud or on a server outside the enterprise network is used.

Walled garden

Administrators can also control the resources that the guest users can access and the amount of bandwidth or air time they can use at any given time. When an external Captive portal is used, administrators can configure a walled garden, which determines access to the URLs requested by the guest users. In a hotel environment, the unauthenticated users are allowed to navigate to a designated login page (for example, a hotel website) and all its contents. Users who do not sign up for the internet service can view only the “allowed” websites (typically hotel property websites).

Administrators can allow or block access to specific URLs by creating a whitelist and blacklist. When users attempt to navigate to other Websites, which are not in the whitelist of the walled garden profile, users are redirected to the login page. If the requested URL is on the blacklist, it is blocked. If it appears on neither list, the request is redirected to the external Captive portal.

Configuring a WLAN SSID for guest access

To create an SSID for guest access:

1.Select Wireless Configuration > Networks and then click Create New. The CREATE A NEW NETWORK data pane is displayed.

2.Enter a name that uniquely identifies a wireless network in NAME (SSID).

3.Select the PRIMARY USAGE as Guest.

4.Click the SHOW ADVANCED OPTIONS link. The advanced options for configuration are displayed.

5.Enter the required values for the following configuration parameters:

Table 24: WLAN SSID configuration parameters for guest network

Data pane item

Description

 

 

BROADCAST/MULTICAST

Select any of the following values under Broadcast filtering:

 

All — When set to All, the AP drops all broadcast and multicast frames

 

except DHCP and ARP.

 

ARP — When set to ARP, the AP converts ARP requests to unicast and

 

sends frames directly to the associated client.

 

Disabled — When set to Disabled, all broadcast and multicast traffic is

 

forwarded.

 

 

DTIM INTERVAL

The DTIM INTERVAL indicates the DTIM period in beacons, which can be

 

configured for every WLAN SSID profile. The DTIM interval determines how

 

often the AP should deliver the buffered broadcast and multicast frames to

 

associated clients in the powersave mode. The default value is 1, which

 

means the client checks for buffered data on the AP at every beacon. You can

 

also configure a higher DTIM value for power saving.

 

 

57 Wireless configuration

HP Cloud Network Manager User Guide