About Captive Portal Parent topic

If the user identification agent is unable to associate a user with an IP address, a captive portal can take over and authenticate the user with a web form.
To receive the web form, users must be using a web browser and be in the process of connecting. Upon successful authentication, users are automatically directed to the originally requested website. The firewall can now execute policies based on the user information for any applications passing through the firewall, not just for applications that use a web browser.
Important
Important
To enable captive portal, see Enabling Captive Portal.
The following rules apply to captive portals:
  • Captive portal rules work only for web (HTTP) traffic.
  • A web page prompts the user to specify a user name and password.
If the above-mentioned captive portal rules do not apply because the traffic is not HTTP or there is no rule match, then the firewall applies its IP address-based security policies.
Deep Edge validates the user name and password against LDAP server. If successfully authenticated, Deep Edge adds the IP address-to-user mapping to local cache for the time-to-live (TTL) life cycle. If authentication fails, Deep Edge notifies the user that authentication was not successful.
Deep Edge allows administrators to design and create the text that users see when they sign on. The customizable message includes:
  • Company logo
  • Company name
  • A welcome message
  • External HTTP link (URL)