Creating the Captive Portal profile for external Web Authentication

The following steps configure the Captive Portal profile for external Web Authentication:

  1. Enter the configure terminal command to enter global configuration mode.
    device# configure terminal
    device(config)#
  2. Enter the captive-portal command to create a user-defined Captive Portal profile.
    device(config)# captive-portal cp_ruckus
    device (config-cp-cp_ruckus)#
    The Captive Portal command mode is enabled, where you can specify the external policy server details that enable the switch to handle the HTTP redirection mechanism.
  3. Enter the virtual-ip command to configure the IP address of the external policy server as the virtual IP address.
    You can enter the IP address or the DNS name, which will resolve to the IP address.
    device (config-cp-cp_ruckus)#  virtual-ip 10.21.240.42
  4. Enter the virtual-port command to configure the HTTP or HTTPS protocol port number to facilitate HTTP services for the clients in external Web Authentication.
    By default, HTTPS is used and the default port number for HTTPS is 443. You can also specify HTTP mode and the default port number for HTTP is 80.
    device (config-cp-cp_ruckus)#  virtual-port 80
    The protocol configured in the Captive Portal profile must be the same as the protocol configured as part of web management access using the web-management command.
  5. Enter the login-page command to configure the login page details to redirect the client to the login page hosted on the external policy server. Use one of the following options, depending on which NAC server you using:
    • if you are using Ruckus Cloudpath, use the following command syntax: login-page /enroll/page-name.

      device (config-cp-cp_ruckus)#  login-page /enroll/ruckus/guestlogin
    • if you are using Aruba ClearPass, use the following command syntax: login-page /guest/page-name

      device (config-cp-cp_ruckus)#  login-page /guest/ruckusguestlogin.php
    • if you are using Cisco ISE, use the following command syntax: login-page page-name created by the Cisco ISE server.

      device (config-cp-cp_ruckus)#  login-page ruckusguestlogin.php
    The login page details must be same as the login page hosted on the external policy server.
  6. (Optional) Enter the show captive-portal command to view the output of the configured Captive Portal profile.
    In this example, the Captive Portal is configured with Ruckus Cloudpath as the NAC.
    device(config)# show captive-portal cp_ruckus
    Configured Captive Portal Profile Details :
      cp-name               :cp_ruckus
      virtual-ip            :10.21.240.42
      virtual-port          :80
      login-page            :/enroll/ruckus/guestlogin.php