Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

616

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

11

5. Define the following Settings for the captive portal policy:

6. Use the AAA Policy drop-down menu to select the Authentication, Authorization and Accounting

(AAA) policy used to validate user credentials and provide captive portal access to the network.

If no AAA policies exist, one must be created by selecting the Create icon, or an existing
AAA policy can be selected and modified by selected it from the drop-down menu and
selecting the Edit icon.

7. Set the following Access parameters to define access, RADIUS lookup information and whether

the Login pages contain agreement terms that must be accepted before access is granted to
controller or service platform resources using the captive portal:

Captive Portal Policy

If creating a new policy, assign a name representative of its access permissions, location or intended
wireless client user base. If editing an existing captive portal policy, the policy name cannot be modified.
The name cannot exceed 32 characters.

Captive Portal Server
Mode

Set the mode as either Internal (Self), Centralized or Centralized Controller. Select the Internal (Self) radio
button to maintain the captive portal configuration (Web pages) internally. Select the Centralized radio
button if the captive portal is supported on an external server. Select the Centralized Controller radio
button if the captive portal is supported on a centralized controller or service platform. The default value
is Internal (Self).

Hosting VLAN
Interface

When using the Centralized Controller mode, specify the VLAN, between 0 and 4096 for client
communication. Select 0 to use the default client VLAN. 0 is the default setting.

Captive Portal Server

Set a numeric IP address (or DNS hostname) for the server validating guest user permissions for the
captive portal policy. This option is only available if hosting the captive portal on an External (Fixed) server
resource.

Connection Mode

Select either HTTP or HTTPS to define the connection medium to the Web server. Brocade recommends
the use of HTTPs, as is affords some additional data protection HTTP cannot provide. The default value
however is HTTP.

Simultaneous Users

Select the checkbox and use the spinner control to set from 1-8192 users (client MAC addresses) allowed
simultaneous access to the captive portal.

Access Type

Select the radio button for the authentication scheme applied to wireless clients using the captive portal.
Options include:
No authentication required - Clients can freely access the captive portal Web pages without
authentication.
Generate Logging Record and Allow Access - Access is provided without authentication, but a record of
the accessing client is logged.
Custom User Information for RADIUS Authentication - When selected, accessing clients are required to
provide a 1-32 character lookup data string used to authenticate client access.
RADIUS Authentication - An accessing client’s user credentials require authentication before access to
the captive portal is granted. This is the default setting.

RADIUS Lookup
Information

When Custom User Information for RADIUS Authentication is selected as the access type, provide a 1-32
character lookup information string used as a customized authentication mechanism.

Terms and Conditions
page

Select this option to include terms that must be adhered to for captive portal access. These terms are
included in the Agreement page when No authentication required is selected as the access type,
otherwise the terms appear in the Login page. The default setting is disabled.