MAC Authentication with Captive Portal Authentication

You can enforce MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication for captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. clients. The following configuration conditions apply to MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. and captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication method:

If the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. splash page type is Internal-Authenticated or External-RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. Server, MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication reuses the server configurations.

If the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. splash page type is Internal-Acknowledged or External-Authentication Text and MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication is enabled, a server configuration page is displayed.

Configuring MAC Authentication with Captive Portal Authentication

The following procedure describes how to configure the MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication with captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication for a network profile using the WebUI.

Table 1: Configuring MAC Authentication with Captive Portal Authentication
New WebUI	Old WebUI
1. In the Configuration > Networks section, click + to create a new network profile or select an existing profile for which you configure internal captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication for a WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. or a wired profile and click Edit. NOTE: To enable MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication with captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication on a new WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. or wired profile, click the Security tab on the New WLAN window and the New Wired Network window. 2. Select the Security tab and specify the following parameters: a. Toggle the MAC authentication switch to enable MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication for captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. users. If the MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication fails, the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication role is assigned to the client. b. In case of a wired profile for employee access, toggle the 802.1X authentication switch to enable. This is in addition to enabling MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication. c. In case of a wired profile for guess access, select a profile from the Captive portal profile drop-down list. This is in addition to enabling MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication. d. To enforce MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication, go to the Access tab, select Role-based from the Access Rules drop-down list, and toggle the Enforce MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. auth only role switch to enable. 3. Click Next and then click Finish to apply the changes. NOTE: The Enforce MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. auth only role parameter is not supported on a WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. profile for employee access.	1. Select an existing wireless or wired profile for which you want to enable MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. with captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication. Depending on the network profile selected, the Edit <WLAN-Profile> or the Edit Wired Network window is displayed. NOTE: To enable MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication with captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication on a new WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. or wired profile, click the Security tab on the New WLAN window and the New Wired Network window. 2. On the Security tab, specify the following parameters: a. Select Enabled from the MAC authentication drop-down list to enable MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication for captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. users. If the MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication fails, the captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication role is assigned to the client. b. In case of a wired profile, select the 802.1X authentication check box in addition to MAC authentication. c. To enforce MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication, click the Access tab and select Enforce MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. auth only role check box. 3. Click Next and then click Finish to apply the changes.

The following CLI Command-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication with captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users. authentication for a wireless profile:

(Instant AP)(config)# wlan ssid-profile <name>

(Instant AP)(SSID Profile <name>)# type <guest>

(Instant AP)(SSID Profile <name>)# mac-authentication

(Instant AP)(SSID Profile <name>)# captive-portal {<type> [exclude-uplink <types>]|external [Profile <name>] [exclude-uplink <types>]}

(Instant AP)(SSID Profile <name>)# set-role-mac-auth <mac-only>

(Instant AP)(config)# wired-port-profile <name>

(Instant AP)(wired ap profile <name>)# type <guest>

(Instant AP)(wired ap profile <name>)# mac-authentication

(Instant AP)(wired ap profile <name>)# captive-portal <type>

(Instant AP)(wired ap profile <name>)# captive-portal {<type> [exclude-uplink <types>]|external [Profile <name>] [exclude-uplink <types>]}

(Instant AP)(wired ap profile <name>)# set-role-mac-auth <mac-only>