Reset Search



How to create Internal Captive Portal with Internal RADIUS authentication using CLI

« Go Back


TitleHow to create Internal Captive Portal with Internal RADIUS authentication using CLI
Guide on creating the internal captive portal with onboard RADIUS server
  • WiNG 5.X controller
  • WiNG 5.X access point
1. Create an aaa-policy that specifies the authentication server as onboard controller for internal RADIUS server:
aaa-policy on-board
authentication server 1 onboard controller
2. Then create the RADIUS related configuration 
Create a radius-group and categorized as guest group, specify the SSID, make sure it is the same SSID that you are about to create later on:
radius-group guest-group
policy ssid guest
Then create a radius user pool and create the user along with the password. For guest user, you will need to specify the guest user group.
radius-user-pool-policy guest-pool
user tester password 0 tester group guest-group guest expiry-time 23:59 expiry-date 12:31:2017 start-time 00:01 start-date 09:17:2017

Create the radius server policy and state to use the created radius-ser-pool-policy
radius-server-policy guest
use radius-user-pool-policy guest-pool

3. Create captive portal server, specify the server mode as Centralized Controller, and assign a virtual hostname then select the created AAA-policy
captive-portal guest
 server host WiNG-captive
 server mode centralized-controller 
 use aaa-policy on-board
4. Create a new wlan specially for guest
wlan guest
ssid guest
vlan 10
bridging-mode local
encryption-type none
authentication-type none
use captive-portal guest

At AP profile, map the guest wlan to profile of the intended broadcasting AP 
interface radio1
wlan guest bss 1 primary
At controller self, use the captive portal server and radius server service
use radius-server-policy guest
use captive-portal server guest

Additional notes



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255