Captive Portal for Guest Access
13.9 Configuring Walled Garden Access
SCALANCE W1750D UI
194
Configuration Manual, 02/2018, C79000-G8976-C451-02
13.9
Configuring Walled Garden Access
On the Internet, a walled garden typically controls access to web content and services. The
walled garden access is required when an external captive portal is used. For example, a
hotel environment where the unauthenticated users are allowed to navigate to a designated
login page (for example, a hotel website) and all its contents.
The users who do not sign up for the Internet service can view the allowed websites
(typically hotel property websites). The website names must be DNS-based and support the
option to define wildcards. When a user attempts to navigate to other websites that are not in
the whitelist of the walled garden profile, the user is redirected to the login page. AP supports
walled garden only for the HTTP requests. For example, if you add yahoo.com in walled
garden whitelist and the client sends an HTTPS request (https://yahoo.com), the requested
page is not displayed and the users are redirected to the captive portal login page.
In addition, a blacklisted walled garden profile can also be configured to explicitly block the
unauthenticated users from accessing some websites.
You can create a walled garden access in SCALANCE W UI or the CLI.
In the SCALANCE W UI
To create a walled garden access:
1.
Click the Security link at the top of the SCALANCE W main window. The Security window
is displayed.
2.
Click Walled Garden. The Walled Garden tab contents are displayed.
3.
To allow the users to access a specific domain, click New and enter the domain name or
URL in the Whitelist section of the window. This allows access to a domain while the user
remains unauthenticated. Specify a POSIX regular expression (regex(7)). For example:
–
yahoo.com matches various domains such as news.yahoo.com, travel.yahoo.com and
finance.yahoo.com
–
www.apple.com/library/test is a subset of www.apple.com site corresponding to path
/library/test/*
–
favicon.ico allows access to /favicon.ico from all domains.
4.
To deny users access to a domain, click New and enter the domain name or URL in the
Blacklist section of the window. This prevents the unauthenticated users from viewing
specific websites. When a URL specified in the blacklist is accessed by an
unauthenticated user, AP sends an HTTP 403 response to the client with an error
message. If the requested URL does not appear on the blacklist or whitelist, the request
is redirected to the external captive portal.
5.
To modify the list, select the domain name/URL and click Edit . To remove an entry from
the list, select the URL from the list and click Delete.
6.
Click OK to apply the changes.
Содержание SCALANCE W1750D UI
Страница 18: ...About this guide SCALANCE W1750D UI 18 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 28: ...About SCALANCE W 3 3 SCALANCE W CLI SCALANCE W1750D UI 28 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 108: ...IPv6 Support 10 4 Debugging Commands SCALANCE W1750D UI 108 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 326: ......
Страница 356: ......
Страница 374: ......
Страница 416: ......
Страница 440: ......
Страница 450: ...Intrusion Detection 27 4 Configuring IDS SCALANCE W1750D UI 450 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 470: ......
Страница 480: ......
Страница 496: ......
Страница 518: ...Hotspot Profiles 33 3 Sample Configuration SCALANCE W1750D UI 518 Configuration Manual 02 2018 C79000 G8976 C451 02 ...
Страница 528: ......
Страница 552: ......
Страница 570: ...Appendix B 3 Glossary SCALANCE W1750D UI 570 Configuration Manual 02 2018 C79000 G8976 C451 02 ...