Home » Netgear Manuals » Wireless » Netgear WFS709TP » Manual Viewer

Netgear WFS709TP WFS709TP Setup Manual - Page 134

Configuring Captive Portal, If you are using Captive Portal to authenticate users - guest network

UPC - 606449052336

Add to My Manuals
Save this manual to your list of manuals

Page 134 highlights

WFS709TP ProSafe Smart Wireless Switch Software Administration Manual If an appropriate server certificate is not installed in the WFS709TP, wireless clients that use Captive Portal may see a Security Alert message when logging in (Figure 8-1). Figure 8-1 To prevent this message from appearing on clients, install a valid server certificate as described in "Installing a Server Certificate" on page 13-19. You enable Captive Portal on a per-ESSID basis. Captive Portal users are initially allowed only DNS, DHCP, and HTTP or HTTPS connections to the network. Upon authentication, Captive Portal users are allowed full access to their assigned VLAN. Note: MAC-based authentication, if enabled on the WFS709TP, takes precedence over Captive Portal authentication. If you use Captive Portal, do not enable MAC-based authentication. Configuring Captive Portal The following are the basic tasks for configuring Captive Portal in the base operating system: • Configure the Captive Portal for guest or authenticated users. In the base operating system, you enable Captive Portal on a per-ESSID basis. • If you are using Captive Portal to authenticate users, configure the authentication server that will be used to validate users. The authentication server can be either an external server or the WFS709TP's internal database. 8-2 Configuring the Captive Portal v1.0, June 2007

Section	Page
WFS709TP ProSafe Smart Wireless Switch Software Administration Manual	1
Contents	7
About This Manual	13
Conventions, Formats, and Scope	13
How to Use This Manual	14
How to Print this Manual	14
Revision History	15
Chapter 1 Overview of the WFS709TP	17
WFS709TP System Components	17
NETGEAR ProSafe Access Points	17
WFS709TP ProSafe Switches	21
WFS709TP Software	23
Basic WLAN Configuration	24
Authentication	24
Encryption	26
VLAN	27
Wireless Client Access to the WLAN	29
Association	29
Authentication	30
Client Mobility and AP Association	31
Configuring and Managing the WFS709TP	32
Tools	34
Chapter 2 Deploying a Basic WFS709TP System	37
Configuration Overview	37
Deployment Scenario #1	37
Deployment Scenario #2	38
Deployment Scenario #3	40
Configuring the WFS709TP	41
Run the Initial Setup	42
Configure the Switch for the Access Points	44
Configure a VLAN for Network Connection	46
Connect the WFS709TP to the Network	48
Configure the Loopback for the WFS709TP	49
Deploying APs	50
Enable APs to Connect to the WFS709TP	51
Install APs	54
Provision APs	54
Additional Configuration	56
Chapter 3 Configuring Network Parameters	57
Configuring VLANs	57
Assigning a Static Address to a VLAN	58
Configuring a VLAN to Receive a Dynamic Address	59
Configuring Static Routes	61
Configuring the Loopback IP Address	62
Chapter 4 RF Plan	65
RF Plan Overview	65
Before You Begin	66
Task Overview	66
Planning Requirements	66
Using RF Plan	67
Building List Page	68
Building Specification Overview Page	68
Building Dimension Page	69
AP Modeling Parameters Page	71
AM Modeling Parameters Page	73
Planning Floors Page	74
AP Planning Page	81
AM Planning Page	83
Exporting and Importing Files	84
Locate	85
RF Plan Example	86
Sample Building	86
Create a Building	87
Model the Access Points	88
Model the Air Monitors	89
Add and Edit a Floor	89
Defining Areas	90
Running the AP Plan	93
Running the AM Plan	94
Chapter 5 Configuring WLANS	97
Before You Begin	97
Determine the Authentication Method	98
Determine the Default VLAN	100
Basic WLAN Configuration in the Browser Interface	100
Example Configuration	103
Advanced WLAN Configuration in the Browser Interface	105
Configuring Global Parameters	105
Configuring Location-Specific Parameters	106
Add or Modify SSIDs	106
Configure AP Information	108
Configuring Radio Settings	110
Example Configuration	113
IntelliFi RF Management	115
Channel Setting	115
Power Setting	115
Advantages of Using IRM	115
Configuring IRM	116
Chapter 6 Configuring AAA Servers	119
Configuring an External RADIUS Server	119
Adding Users to the Internal Database	121
Configuring Authentication Timers	122
Chapter 7 Configuring 802.1x Authentication	125
802.1x Authentication	125
Authentication with a RADIUS Server	126
Authentication Terminated on WFS709TP	127
Configuring 802.1x Authentication	128
802.1x Authentication Page	129
Advanced Configuration Options for 802.1x	130
Chapter 8 Configuring the Captive Portal	133
Overview of Captive Portal Functions	133
Configuring Captive Portal	134
Configuring Advanced Captive Portal Options	135
Configuring the AAA Server for Captive Portal	137
Changing the Protocol to HTTP	137
Personalizing the Captive Portal Page	138
Chapter 9 Configuring MAC-Based Authentication	141
Configuring the WFS709TP	141
Configuring Users	142
Chapter 10 Adding Local WFS709TPs	145
Moving to a Multi-Switch Environment	145
Configuring Local WFS709TPs	146
Configuring the Local WFS709TP	146
Configuring L2/L3 Settings	146
Configuring Trusted Ports	147
Configuring APs	147
Rebooting APs	148
Chapter 11 Configuring Redundancy	149
Virtual Router Redundancy Protocol	149
Redundancy Configuration	149
Configuring Local WFS709TP Redundancy	150
Master WFS709TP Redundancy	152
Master-Local WFS709TP Redundancy	153
Chapter 12 Configuring Wireless Intrusion Protection	157
Rogue/Interfering AP Detection	157
Enabling AP Learning	158
Classifying APs	158
Configuring Rogue AP Detection	160
Misconfigured AP Detection	161
Configuring Misconfigured AP Protection	161
Chapter 13 Configuring Management Utilities	163
Configuring Management Users	163
Configuring SNMP	164
SNMP for the WFS709TP	164
SNMP for Access Points	166
SNMP Traps	171
Configuring Logging	174
Creating Guest Accounts	176
Managing Files on the WFS709TP	178
Managing Image Files	179
Backing Up and Restoring the Flash File System	179
Copying Log Files	180
Copying Other Files	180
Installing a Server Certificate	181
Chapter 14 Configuring WFS709TP for Voice	183
Voice over IP Proxy ARP	183
Battery Boost	184
Limiting the Number of Active Voice Calls	185
WPA Fast Handover	186
Appendix A Configuring DHCP with Vendor-Specific Options	187
Overview	187
Windows-Based DHCP Servers	188
Configuring Option 60	188
Configuring Option 43	189
Linux DHCP Servers	190
Appendix B Windows Client Example Configuration for 802.1x	193
Window XP Wireless Client Example Configuration	193
Appendix C Internal Captive Portal	201
Creating a New Internal Web Page	201
Basic HTML Example	203
Installing a New Captive Portal Page	204
Displaying Authentication Error Message	204
Language Customization	206
Customizing the Welcome Page	212
Customizing the Pop-Up Box	214
Customizing the Logged Out Box	215
Appendix D Related Documents	217

Match case Limit results 1 per page

WFS709TP ProSafe Smart Wireless Switch Software Administration Manual

8-2

Configuring the Captive Portal

v1.0, June 2007

If an appropriate server certificate is not installed in the WFS709TP, wireless clients that use

Captive Portal may see a Security Alert message when logging in (

Figure 8-1

To prevent this message from appearing on clients, install a valid server certificate as described in

“Installing a Server Certificate” on page 13-19

You enable Captive Portal on a per-ESSID basis. Captive Portal users are initially allowed only

DNS, DHCP, and HTTP or HTTPS connections to the network. Upon authentication, Captive

Portal users are allowed full access to their assigned VLAN.

Configuring Captive Portal

The following are the basic tasks for configuring Captive Portal in the base operating system:

•

Configure the Captive Portal for guest or authenticated users. In the base operating system,

you enable Captive Portal on a per-ESSID basis.

•

If you are using Captive Portal to authenticate users, configure the authentication server that

will be used to validate users. The authentication server can be either an external server or the

WFS709TP’s internal database.

Figure 8-1

Note:

MAC-based authentication, if enabled on the WFS709TP, takes precedence over

Captive Portal authentication. If you use Captive Portal, do not enable MAC-based

authentication.