Mettle SE has Captive Portal feature used for HTTP authentication with a web browser. Once the Captive Portal has been enabled on a local network the clients on the network will be re-directed an HTTP authentication web page before they can start browsing or check their mails.
To enable captive portal on your Mettle SE:
- Go to Services --> Captive Portal --> Captive Portal tab
- Check the check box which says "Enable Captive Portal"
- Choose the interface captive portal is to be run on. Usually this is your local network.
- Enter the maximum number of concurrent connections that is to be allowed
- Enter the idle timeout in minutes. Clients will be disconnected after the time you specify.
- Enter the hard timeout in seconds. Clients (active clients also) will be disconnected after the time you specify exceeds.
- Check the box to enable logout popup window if required.
- Redirection URL - All clients after succesful login would be redirected to the URL entered here.
- Concurrent logins - If enabled only most recent login per username will be active. Subsequent logins will cause machines previously logged in with the same username to be disconnected.
- MAC filtering - If disabled, no attempts will be made to ensure that the MAC address of clients stays the same while they're logged in. This is required when the MAC address of the client cannot be determined (usually because there are routers between Mettle SE and the clients). If this is enabled, RADIUS MAC authentication cannot be used.
- Authentication - Chose 'No Authentication', 'Local user manager' or 'RADIUS'. If RADIUS is chosen enter the RADIUS Server details below. If 'Local User Manager' is chosen manage users in the "Users" tab.
- Enable HTTPs login - If enabled the user information would be transmitted via an HTTPS connection.
- Enter the details for the HTTPS servers in the fields below.
- Click on 'Save' after you have finished.
Captive Portal Pass through MAC
If a pass through MAC is added to Captive portal then users logging in from this MAC address will not be taken to a portal authentication page.
- Select Services --> Captive Portal-- > Pass through MAC tab to enable this.
- Click on the '+' button
- Enter the MAC address
- Enter a description (not parsed)
- Click on 'Save'
Captive Portal Allowed IP address
Adding allowed IP addresses will allow IP access to/from these addresses through the captive portal without being taken to the portal page. This can be used for a web server serving images for the portal page or a DNS server on another network, for example. By specifying
from addresses,
- Select Services --> Captive Portal --> Allowed IP addresses
- Click on the '+' button to add an IP address
- Choose the direction either From or To
- Enter the IP address to be allowed
- Enter a description for the IP address added (not parsed)
- Click on 'Save'
Manging Captive Portal Users
- Select Services --> Captive Portal --> Users
- To add an user click on the '+' button
- Enter the username
- Enter the password
- Confirm the pasword
- Enter users full name (not parsed)
- Enter an expiry date for the user you have created by clicking on the 'Calendar' button next to the text area. If a date is not entered the account will not expire.
- Click on 'Save'
Captive Portal File Manager
- Select --> Captive Portal --> File Manager
- Click on Browse and then Upload to upload the file.
- To add another file click on the '+' button
- To delete a file previously added click on 'x' button.
.JPG files uploaded in the captive portal file manager can be called in the portal page by using the html tab below:
<img src="captiveportal-test.jpg" width=... height=...>
In addition, you can also upload .php files for execution. You can pass the filename to your custom page from the initial page by using text similar to:
<a href="/captiveportal-aup.php?redirurl=$PORTAL_REDIRURL$">Acceptable usage policy</a>
The total size limit for all files is 256 KB.
