Wireless Access

Good Morning,

We're in the process of consolidating our open-ssids (guest, initial-setup, and a new device-registration service) and I'm reviewing our captive-portal configuration settings. It appears in the past we utilized a separate permit-policy acl to allow access to the guest-login captive-portal page - but I see that there's a separate white-list/black-list option in captive portal. Is this more of personal-preference, performance affects, and are there advantages/disadvantages of doing a "Captive Portal Authentication White List" vs using a "permit policy" acl within the initial role?

It seems logical if you're configuring the redirect within the captive-portal profile that one would also white-list it a few lines down. :-)

---

@cappalli wrote:
While there’s no technical difference, the whitelist is preferred as it’s cleaner and much easier to manage.

Thanks Tim, that's what I was counting on and the white-list would be cleaner/manageable. Some of these configs were initially created about three years ago right before I arrived on the wireless team during a transition from Meru/Cisco NAC (what was used for Guest-Access) - so I'm working to better understand pre-existing settings during our upcoming migration.