Captive Portal Configuration

Configure Captive Portal Profile

For DNAT supported Vendor

To configure Access Rules for Network Vendors that support DNAT (ex: Aruba), perform the below steps:

  1. On Access Profiles tab, create a Access Profile for Captive Portal
  2. On Aruba drop-down, declare a values (ex: ORG_B_2084RDR) for Aruba-User-Role attributes
  1. On Rules tab, add a new Rule and select to assign to the above Captive Portal profile
  1. On the Network Vendor (ex: Aruba) console, create an ACL (Network Access Control List) to forward traffic to your NAC Edge.

For VLAN supported Vendor

To configure Access Rules for Network Vendors that support VLAN redirect (ex: Cisco), perform the below steps:

  1. On Access Profiles tab, create a Access Profile for Captive Portal
  2. On Cisco dropdown, declare a value (ex: 1776) for Tunnel-Private-Group-Id attribute
  1. Config redirect for VLAN

Pre-condition: a Layer 3 router or switch with ACL (Access Control List) and Policy Routing capabilities is required. The configuration will involve the following sections:

  • ACL and Policy Map on Router
Bash
Copy

How to verify

  1. Using a test device & Connect to the Network
  2. If the agent is not installed on that machine, the browser will be redirect to a remediation page, prompting the user to install Agent.

Note: For Apple devices, IT admin can make use of DHCP option 114 on Windows DHCP server to get NAC integrated with Apple CNA (Captive Network Assistant),

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Configure EAP-TLS for Cloud RADIUS Authentication
On This Page
Captive Portal ConfigurationConfigure Captive Portal ProfileFor DNAT supported VendorFor VLAN supported VendorHow to verify