Controllerless Networks

last person joined: 2 days ago 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

Bypass Guest Captive Portal

This thread has been viewed 1 times

  • 1.  Bypass Guest Captive Portal

    Posted Jun 22, 2015 11:03 AM

    Hi is it possible to bypass my Guest Captive Portal for user to access webmail websites only, before they have to login through the Captive Portal?



  • 2.  RE: Bypass Guest Captive Portal

    Posted Jun 22, 2015 11:07 AM

    Yes, in your ACL you can allow specific domains. However this can be problematic with modern websites, as for example gmail might require a bunch of google servers or content delivery

     

    But you can whitelist mail.google.com and see what happens...

     

    basically in your Logon role, add an ACL which allows the external domains you want to allow.

     

    _ELiasz



  • 3.  RE: Bypass Guest Captive Portal

    Posted Jun 22, 2015 11:12 AM

    You did not mention if this is controller of IAP based. If it is IAP you should be able to write a rule for web category 'web mail' which might be easier then whitelisting specific domains.

     

    I don't know if the controller has an equivilant category system you could use.

     

    _ELiasz



  • 4.  RE: Bypass Guest Captive Portal

    Posted Jun 22, 2015 11:16 AM

    Hi this is using a 3600 controller as the master, should this ACL be set in the pre user role?

    I use pre-guest before you authenticate through the captive portal then you use the guest role.

     

    I could not see a domain to add in ACL?

     

    Thanks



  • 5.  RE: Bypass Guest Captive Portal

    Posted Jun 22, 2015 12:21 PM

    Hi Foxy_no5,

    You have to add your custom policy in Pre-Login role.

    Or you can add the same in whitelist under l3 authentication profile.

    If you want to add domain in your ACL then you have to add it under


    Advanced Services > Stateful Firewall > Destinations > Add Destination

     

    image 1.jpg



  • 6.  RE: Bypass Guest Captive Portal

    Posted Jun 23, 2015 04:41 AM

    Hi

     

    Thanks for your help!

    I have added the domain ok, but didnt work in the whitelist as still goes to the captive portal?

     

    I also tried adding firewall policy to pre-guest role but I am unable to change priority as it just reverts back to the bottom below the captive portal policy so unable to access still?



  • 7.  RE: Bypass Guest Captive Portal

    Posted Jun 23, 2015 04:50 AM
    1. for working the domain you need a valid DNS which resolves that.
    2. If you are trying to change the priority of policy, make sure you are
    clicking on apply button at bottom right corner.


  • 8.  RE: Bypass Guest Captive Portal

    Posted Jun 23, 2015 04:54 AM

    Hi

     

    Yes I have a valid dns and applied my priority change but it goes to the bottom each time?



  • 9.  RE: Bypass Guest Captive Portal

    Posted Jun 23, 2015 05:23 AM

    Hi

     

    I have added the whitelist again and i can now see it in the top of the firewall policy as list operations!

    However it will not allow me to delete old policy, can I do the in command line?

     

    Now when I try to browse to hotmail pre captive portal it tries but comes up with sertificate error and reverts back to login?



  • 10.  RE: Bypass Guest Captive Portal

    EMPLOYEE
    Posted Jun 23, 2015 07:50 AM

    Please show us your entire policy.

     

     



  • 11.  RE: Bypass Guest Captive Portal

    Posted Jun 23, 2015 07:55 AM

    I have now deleted the old firewall policy and using the whitelist, it looks ok as the first firewall policy and I can now see when I try to browse to an allowed website before teh captive portal login, it tries to load but stops?

    I also have another site that loads parts of the page?