How do I enable the WPA in SSID and Portal authentication?

  • 1
  • Question
  • Updated 5 years ago
  • Answered
  • (Edited)
Dear all,

I would like to enable the WPA in SSID and Portal authentication. Before passing the Portal authentication, the wireless client cannot access Internet. However, I would like to limit her Internet access to specific website. How can I do that?
Photo of gchan

gchan

  • 8 Posts
  • 0 Reply Likes

Posted 5 years ago

  • 1
Photo of steven

steven

  • 32 Posts
  • 2 Reply Likes
Hi,

This can be done using a walled garden which can be found within the CWP setting -> Optional Advanced Configuration -> Walled Garden.

Snippet from the help.
Walled Garden: A walled garden is an area of the network to which unregistered users are allowed access. If you redirect unregistered users to an external server, then you must include the IP address or domain name of that server in the walled garden. To create a walled garden, expand the section, click New, enter the following to define a rule permitting a type of service to a specific server or network segment, and then click Apply:

Server: This is the IP address or domain name of the external web server. Choose a previously defined IP address/host name object from the drop-down list, type a new IP address or domain name (up to 32 characters long), or click the New icon and define one.

Service: Choose Web to permit HTTP and HTTPS traffic from unregistered users to the external web server, choose All to permit all types of traffic, or choose Protocol and enter a protocol number and port number to define the type of service you want to permit.

Good luck

Steven
Photo of gchan

gchan

  • 8 Posts
  • 0 Reply Likes
Steven,

Thank you for your prompt information. Actually, what I want to do is to limit the wireless guess to the site "idmanager.aerohive.com" so he can register himself before using the "real" wireless. What is the best approach on it?

Thanks~
Photo of Sarah Banks

Sarah Banks

  • 75 Posts
  • 4 Reply Likes
Hi gchan,
Have you tried putting your specific URL into the URL/Server text box, as Steven pasted from the Help file?

Cheers
Sarah
Photo of gchan

gchan

  • 8 Posts
  • 0 Reply Likes
Dear Sarah,

Yes, I can find it. However, for the ID Manager, it only allows the 802.1x and psk authentication. So I always need the unregistered user to connect to another SSID for the connection. Am I correct? My idea is below, please correct me if I am wrong

1. Unregistered client connects to the "Open/WEP/WPA(Personal)" SSID and redirects to cloud ID Manager for self-registration
2. After clients gets the access key / password, she needs to reconnect to another SSID and pass the authentication, then access the secured SSID

Am I correct?
Photo of Sarah Banks

Sarah Banks

  • 75 Posts
  • 4 Reply Likes
Hi gchan,
Thanks for your response. Your points 1 and 2 are the expected behaviour today, yes. You are correct.