3
Figure 1 provides a high-level view of Juniper Networks Enterprise
Guest Access. In this diagram, the Enterprise Guest Access
appliance is connected inline between the wireless and wired
guest users, and the Internet firewall. The Enterprise Guest Access
appliance, as the inline enforcement point, blocks guest traffic
until users have typed their credentials into the captive portal
served to them by the Enterprise Guest Access appliance and have
been authenticated for network access.
Enterprise Guest Access Sample Workflow
1. Guest access administrator creates a guest user account on the
Enterprise Guest Access appliance.
2. Guest access administrator provides credentials to the guest
user, typically via hard copy printout.
3. Guest user attempts to access the network, and access is
redirected to the Enterprise Guest Access appliance, which
serves the guest user a customized web-based captive portal
page in which the guest user types in credentials.
4. When authentication is successful and the device being used
meets the predefined security and access control policies, guest
user is allowed to access the areas of the network to which
authorization has been granted.
Enterprise Guest Access Network Diagram
Figure 1: Juniper Networks Enterprise Guest Access
Wireless Guest
Guest SSID
Internet
Firewall
L2 Wired or
Wireless
Environment
Firewalling
and DHCP
Services
Wired Guest
INTERNET
Enterprise Guest
Access appliance
External Port
192.168.10.90
Internal Port
192.168.10.10
Enterprise
Guest Access
appliance
Redirect
Enterprise
Guest Access
appliance
INTERNET
Enterprise
Guest Access
appliance
