Redirect guests to a different portal to register again for additional access after expiry
02-03-2019 05:47 PM
Hi, I want guests to register on portal 1 simply by either using clearpass or freeradius using facebook. I got this working already on clearpass. After a certain time though say 1 hour I want the guest account to expire and bring them back to a logon role and then send them to portal 2 where they will have a link to download an app and then using the app they will then again reauthenticate to gain additional access time. Is this possible? How do I go about this?
Re: Redirect guests to a different portal to register again for additional access after expiry
02-10-2019 12:02 AM
yes, it's possible. One way is to create a role (say cp2-initial-role) that has the 2nd captive portal assigned to it, then use RFC 3576 CoA (aka Dynamic Auth) to change the role from 'cp1-authenticated-role' to 'cp2-initial-role'.
existing firewall sessions from the device will not be affected by this change (if you're on some webpage it suddenly wont be hijacked as the session is already open), to try and speed it up you can disconnect the user to try and kick start the captive portal detection.