Filter
Top Products
240 | CaptivePortalAuthentication DellPowerConnectW-SeriesArubaOS6.2 | User Guide
n Allows DHCP exchanges between the user and the DHCP server during business hours while blocking other
users from responding to DHCP requests.
n Allows ICMP exchanges between the user and the controller during business hours.
l block-internal-access is a policy that you create that denies user access to the internal networks.
NOTE: The guest-logon user role configuration needs to include the name of the captive portal authentication profile instance.
You can modify the user role configuration after you create the captive portal authentication profile instance.
Creating an Auth-guest User Role
The auth-guest user role consists of the following ordered policies:
l cplogout is a predefined policy that allows captive portal logout.
l guest-logon-access is a policy that you create with the following rules:
n Allows DHCP exchanges between the user and the DHCP server during business hours while blocking other
users from responding to DHCP requests.
n Allows DNS exchanges between the user and the public DNS server during business hours. Traffic is source-
NATed using the IP interface of the controller for the VLAN.
l block-internal-access is a policy that you create that denies user access to the internal networks.
l auth-guest-access is a policy that you create with the following rules:
n Allows DHCP exchanges between the user and the DHCP server during business hours while blocking other
users from responding to DHCP requests.
n Allows DNS exchanges between the user and the public DNS server during business hours. Traffic is source-
NATed using the IP interface of the controller for the VLAN.
n Allows HTTP/S traffic from the user during business hours. Traffic is source-NATed using the I interface of
the controller for the VLAN.
l drop-and-log is a policy that you create that denies all traffic and logs the attempted network access.
Configuring Policies and Roles in the WebUI
Creating a Time Range
To create a time range via the WebUI:
1. Navigate to the Configuration > Security > Access Control > Time Ranges page to define the time range
“working-hours”.
2. Click Add.
a. For Name, enter working-hours.
b. For Type, select Periodic.
c. Click Add.
d. For Start Day, click Weekday.
e. For Start Time, enter 07:30.
f. For End Time, enter 17:00.
g. Click Done.
3. Click Apply.
To create the guest-logon-access policy via the WebUI:
1. Navigate to the Configuration > Security > Access Control > Policies page.
2. Select Add to add the guest-logon-access policy.