Hi,
I need a captive portal with a customizable page (the internal captive portals are not customizable enough) that only grants access to the clients once they have agreed to the terms and conditions (the authentication text workflow doesn't allow this).
I am trying to configure an external captive portal with RADIUS server so that I can grant internet access to users from a PHP page, say valid.php, where they get redirected from index.php of my captive portal.
When I connect clients I can see the captive portal, but I don't know how the IAP can "detect" the RADIUS handshake that would happen between my PHP code and the RADIUS server.
I have configured the SSID:
- Splash Page Type is "External"
- Captive Portal Profile is of Type "RADIUS Authentication" (NOT Authentication Text)
- Primary Server is my RADIUS server with Shared Key
- I have validated my RADIUS config with the Linux tool radtest.
So here is my question: how do I grant internet access after the RADIUS authentication? Does my PHP code need to connect to the IAP via SSH and run some commands to move the client to the post-auth role??
I have found this list of steps that I understand but it doesn't exactly explain how the handshake is done: https://community.arubanetworks.com/t5/Wireless-Access/Externally-hosted-Captive-Portal-and-RADIUS-server-controller/m-p/221661?advanced=false&collapse_discussion=true&filter=location&location=forum-board:unified-wired-wireless-access&q=external%20captive%20portal%20radius&search_type=thread
Thanks for any help