For hotel or Internet cafe guests, or employees who bring personal devices to work, the Captive Portal feature gives you control over user access to the Internet or other networks. When enabled, this feature presents a ‘terms and conditions’ page to which the user must agree before getting access to browse the web. The Captive Portal feature can be enabled and configured on the BLOCK/ACCEPT > Configuration page.
Example use cases:
- Hotel or Internet cafe guests tend to be unauthenticated and will browse based as 'guests' based on policies you create for unauthenticated users.
- BYOD (bring your own device) users, such as employees, can use their LDAP credentials to log into the portal and continue to browse based on policies you apply to authenticated users. You can also configure so that these users can browse as guests (unauthenticated) when using these devices.
User Experience and Authentication
With Captive Portal enabled, the first request from every user will be served a splash page displaying customized terms and conditions, which you configure on the BLOCK/ACCEPT > Block Message page. Once the user agrees or, for LDAP users, logs in, the page is not presented again for the duration of the browsing session and the user can view content that is not blocked for that user based on Captive Portal settings and block/accept policies. These settings allow for applying this feature to certain IP groups and unauthenticated ('guest') users. You can apply different policies depending on whether the user identifies with LDAP credentials or as a guest. Exclusions for IP groups are also configurable.
Note that all traffic is logged, and the session will time out automatically in 24 hours.