Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Captive Portal: Default Website Redirection

This thread has been viewed 4 times

  • 1.  Captive Portal: Default Website Redirection

    Posted Feb 12, 2013 11:12 PM

    I already I know the answers to these questions but higher ups want it validated...

     

    1. Is there a way for the Captive Portal to disregard the user's intended webpage and redirect them after authentication to a webpage of our choosing?

     

    2. If a Captive Portal is required for users to gain access to the wireless network, can it redirect unauthenticated devices to a webpage of our choosing until they decide to go to one of their choosing and then get redirected to the Captive Portal page?



  • 2.  RE: Captive Portal: Default Website Redirection

    EMPLOYEE
    Posted Feb 12, 2013 11:21 PM
    @WorlisMan wrote:

    I already I know the answers to these questions but higher ups want it validated...

     

    1. Is there a way for the Captive Portal to disregard the user's intended webpage and redirect them after authentication to a webpage of our choosing?  <YUP.  that is the welcome page parameter in the Captive Portal authentication profile>

     

    2. If a Captive Portal is required for users to gain access to the wireless network, can it redirect unauthenticated devices to a webpage of our choosing until they decide to go to one of their choosing and then get redirected to the Captive Portal page?

    <Uh... Maybe.  Why don't they get redirected to a webpage of your choosing that has a logon at the bottom?>

     

     



  • 3.  RE: Captive Portal: Default Website Redirection

    Posted Feb 13, 2013 03:43 PM

    Thanks Colin for the info...

     

    Here's the progression on what they  want...

     

    User has iPhone or Android, they walk into the building and the device connects to our guest network. I've created a Captive Portal page that gives our "Acceptable Use Policy" and a "I ACCEPT" button for authentication BUT>>> if they don't know to open a web browser and click on that button to authenticate, the management wants two things to happen...

     

    1. The device gets access anyway for E-mail and other social media communication, BUT still has to click that "I ACCEPT" button to browse the internet or use apps.

     

    2. The device doesn't have a default webpage and so it normally goes to a blank page, they want the Captive Portal to forward them to our home page ONLY if they are not requesting a specific website.

     

    I hope this helps.



  • 4.  RE: Captive Portal: Default Website Redirection
    Best Answer

    EMPLOYEE
    Posted Feb 13, 2013 03:46 PM

    In the "logon" role, you can allow email protocols above the Captive Portal redirect and that will allow them to do whatever they want. When they open a browser, they will be redirected to the captive portal. 



  • 5.  RE: Captive Portal: Default Website Redirection

    Posted Feb 14, 2013 08:49 AM

    Thanks Colin,

     

    Do  you happen to have those settings handy for MS Exchange access?



  • 6.  RE: Captive Portal: Default Website Redirection

    EMPLOYEE
    Posted Feb 14, 2013 08:57 AM
    The answer is "it depends". A quick google search for "firewall email ports" shows this: http://www.emailaddressmanager.com/tips/mail-servers.html, but it does not include port TCP 443, which is what Activesync might use.


  • 7.  RE: Captive Portal: Default Website Redirection

    Posted Feb 13, 2013 01:35 AM

    1. yes - there is a default template.
    2.u can enable welcome page - and use the webpage u want users to be landed into after the captive portal

     

    Untitled.png



  • 8.  RE: Captive Portal: Default Website Redirection

    Posted Feb 13, 2013 01:36 AM
    If you would like to see how to build your own captive portal page. (with a single button that will login the guests)

    go to the following link:
    http://community.arubanetworks.com/t5/ArubaOS-and-Mobility-Controllers/Captive-Portal-Login-page-quot-Login-in-1-Click-quot-template/td-p/61172

    and download the zip file.


  • 9.  RE: Captive Portal: Default Website Redirection

    Posted Feb 13, 2013 03:48 PM

    Thanks kdisc98 for the info, I've already found that article and it works great. I'm a Ravens fan so I have Joe Flacco authenticating all over my network :smileyhappy:

     

    I've tried using the Welcome page and such but that's not what they had in mind.



  • 10.  RE: Captive Portal: Default Website Redirection
    Best Answer

    Posted Feb 14, 2013 01:59 PM

    Even though it's not exactly what management wanted, they like the outcome anyway.

     

    To allow Clients access E-mail prior to authentications

    Per Colin I  modified the Captive Portal User Role and added

     

    Security > User Roles > Edit Role(cp-logon)

    any host [External IP for Mail Server] svc-https  permit 
    any host [External IP for Mail Server] svc-http  permit

     

    To default the user to our homepage after authentications (but not only when the client's browser has no default website set)

    Per kdisc98 I modified the

    Security > Authentication > L3 Authentication>Captive Portal Authentication Profile and in the "Welcome page" field I entered in http:// and then the website. Where I was going wrong before was I didn't add the "http://"

     

    Crossing my fingers that there are no additional requests from management. :smileywink:

     

    Thanks Colin & kdisc98!!