CAPTIVE PORTAL ON VERSA

Everyone who works in this sector knows the captive portal. I won't explain to you what is the captive portal :)

Versa has a lot of features. This is amazing. Do these features work properly? One of the features is a captive portal. Let's see how to do this in Versa. Our topology is below.

I will make whole changes on branch device over Director.

First of all, I will create a certificate for SSL decryption. Why do we need a certificate? We need a certificate to be able to redirect HTTPS pages.

Captive Portal Setting;

Decryption Setting;

The important part of this article is here. If we do not use decrypt policies. the portal page won't be redirected for HTTPS pages. Our versa device will be a man-in-the-middle device.

Also if we do not want it to decrypt all sessions after authentication, you can change the policy like below.

Authentication Setting;

I use a local database for authentication. As you wish you can use LDAP, Kerberos, and SAMP profiles.

Authentication Dns Rule;

Sometimes I had a problem with DNS resolution Therefore I write this rule on the top of the authentication policies.

Troubleshooting;

I have prepared a video to show you whether the captive portal is working properly.

if you watch the video, you won't see any SSL error. Because I have exported the SSL certificate which I have created before and installed my client. when you enter the HTTPS pages you will see the certificate which is issued by networktcpip.

Install the certificate on the Client;

As you wish, if you have a certificate authority. You can validate the certificate(CSR) on versa device from the certificate authority. Thereby you do not need to install the certificate manually to every client.

Thanks for Reading.