Filter
Top Products
252 | CaptivePortalAuthentication DellPowerConnectW-SeriesArubaOS6.2 | User Guide
1. Edit the captive portal authentication profile by navigating to the Configuration > Security > Authentication
> L3 Authentication page.
a. Enable (select) “Use HTTP for authentication”.
b. Click Apply.
2. (For captive portal with role-based access only) Edit the captiveportal policy by navigating to the Configuration
> Security > Access Control > Policies page.
a. Delete the rule for “user mswitch svc-https dst-nat”.
b. Add a new rule with the following values and move this rule to the top of the rules list:
l source is user
l destination is the mswitch alias
l service is svc-http
l action is dst-nat
c. Click Apply.
To change the protocol to HTTP via the command-line interface, access the CLI in config mode and issue the
following commands:
(host)(config) #aaa authentication captive-portal profile
protocol-http
(For captive portal with role-based access only)
(host)(config) #ip access-list session captiveportal
no user alias mswitch svc-https dst-nat
user alias mswitch svc-http dst-nat
user any svc-http dst-nat 8080
user any svc-https dst-nat 8081
Configuring Redirection to a Proxy Server
You can configure captive portal to work with proxy Web servers. When proxy Web servers are used, browser proxy
server settings for end users are configured for the proxy server’s IP address and TCP port. When the user opens a
Web browser, the HTTP/S connection request must be redirected from the proxy server to the captive portal on the
controller.
To configure captive portal to work with a proxy server:
l (For captive portal with base operating system) Modify the captive portal authentication profile to specify the
proxy server’s IP address and TCP port.
l (For captive portal with role-based access) Modify the captiveportal policy to have traffic for the proxy server’s
port destination NATed to port 8088 on the controller.
The base operating system automatically modifies the implicit ACL
captive-portal-profile
.
The following sections describe how use the WebUI and CLI to configure the captive portal with a proxy server.
NOTE: When HTTPS traffic is redirected from a proxy server to the controller, the user’s browser will display a warning that the
subject name on the certificate does not match the hostname to which the user is connecting.
To redirect proxy server traffic using the WebUI:
1. For captive portal with Dell base operating system, edit the captive portal authentication profile by navigating to
the Configuration > Security > Authentication > L3 Authentication page.
a. For Proxy Server, enter the IP address and port for the proxy server.
b. Click Apply.