Aruba Networks, Inc.
Captive Portal Authentication
|
10
Amigopod and ArubaOS Integration
Application Note
Captive Portal Authentication Workflow
Figure 2
shows the phases that a guest user passes through during a captive portal authentication
process. In the Aruba system, the mobility controller acts as the network access server (NAS) and
Amigopod acts as the RADIUS server.
Figure 2
details the captive portal authentication workflow.
Figure 2 Workflow for captive portal authentication
1. The guest user associates their Wi-Fi device to the guest SSID. In the baseline VRD
configuration, this SSID is “Guest-Network.”
2. The guest user opens a browser. Based on the configured home page or requested web page,
the initial HTTP traffic is intercepted by the Aruba controller and redirected to the Amigopod web
login page defined in the captive portal profile.
3. The guest user enters their user credentials on the Amigopod web login page. Amigopod
performs any preauthorization checks that are required and displays the login message to the
guest user.
arun_0540
Associates [1]
Redirects
Guest
Mobility Controller (NAS)
Amigopod VMA
Automated NAS login
Submit form [3]
Login Message page [4]
Access-Accept [6]
Guest role [7]
Session timeout [10]
Access-Request [5]
Accounting-Request [8]
Accounting-Request [9]
Accounting-Response [9]
Accounting-Response
Accounting-Request [11]
Accounting-Response
Accounting
Accounting
Interim Accounting
Authorization
Web login
Authentication
Browse to Landing page [2]
Unregistered role
Complete login form
Internet browsing
States:
Unauthorized
Authenticating
Authorized