How do i block non browser HTTP (S) traffic for my guest devices in logon role
For all guest users by design we allow HTTP(S) access to CPPM in logon role.
Whenever the guest device ( a smart phone) associates to network all the apps goes online and send HTTP(S) traffic to CPPM. This traffic mat cause performance issues on CPPM based on the frequency of guests per minute.
We can avoid this by adding is_brower=1 in the Captive Portal redirect URL on the NAD device.
So if the URL for Captive portal page on CPPM is : https://10.17.164.111/guest/guest_register_login.php
we will edit the URL as : https://10.17.164.111/guest/guest_register_login.php?_browser=1
This feature was first introduced in 6.4.2 and is available in all the recent releases on CPPM.
Once we add this keyword in the redirect URL, CPPM will allow traffic initiated from browser and block traffic from apps etc in logon ( or initial role).