Captive Portal Application is intended for the hotspot organization— public (public, guest) Wi-Fi zone which require users authorization.
Captive Portal is the authorization page that forcibly redirects users who connect to the public network before they access the Internet.
Captive Portal work principles
The work principle of all such systems is the interception of the HTTP/HTTPS-session of user, who connected to public network and redirect him to external web-server for authorization. Then the user can be authorized via SMS or back call to his cell phone number. After authorization is complete, the user gets access to the Internet.
Captive Portal makes a call to the RADIUS server (which resides on the Captive Portal service provider's side), which is used for resource allocation (Provisioning), - connection time limit (session timeout), speed, traffic volume, and resource consumption control (Accounting).
Captive portals uses Universal Access Method (UAM) - universal access control method using AAA (Authentication, Authorization, Accounting) and RADIUS.
This service is provided by 3-rd party companies, and Keenetic is considered as the Captive Portal's client to work with their service.
The implementation of Captive Portal in the Keenetic is based on the open-source service Coova-Chilli. Most likely hotspot will successfully work with suppliers of this service by default.
For user's convenience most popular Captive portal providers profiles were added. Those companies conducted tests from their side too and confirm the correct work with their implementation of Captive portal. To configure it, simply select a profile from the drop-down list and specify the required connection parameters from the personal account on the service provider's website.
All the above mentioned providers are cloud services. Authorization takes place remotely on the servers of these companies. Besides them there are the so-called out-of-box solutions providers that offer software for installation on customer's servers. In this case customer get full control over the entire authorization system.
At the same time, you can configure the profile manually if the provider provides you data for the connection. The profile for manual configuration is presented in the 'Note' section in the bottom of this article.
To use Captive Portal, first you need to install the appropriate system component.
Then the Captive Portal feature will be available on the 'Guest network' page in 'Captive portal' section.
Example of Captive Portal configuration
Let's take a Hotspotsystem cloud operator as an example.
First we need to enable 'Captive portal' on 'Guest network' page and choose the 'HotspotSystem' profile in 'Profile' field.
You must fill 'Radius NAS ID' by yourself after you passed authorization on Captive portal provider's website.
To review full profile settings, click on 'Show profile'.
If some settings need to be changed, click on 'Edit profile'.
NOTE: Important! All profiles were integrated after successful tests. Do not edit the preset profile unless necessary.
Log in to the hotspotsystem website.
After you pass authorization and signed in, you have to add new hotspot location based on your business-model. Hotspotsystem offers two types of business models: PRO and FREE.
PRO version assume commercial access when user have to pay for Internet service by credit card or by buying voucher.
Then you have to enter detailed information about your hotspot location:
After you complete hotspot registration, you will see it in main menu of the hotspotsystem website. To see the list of your hotspots, go to 'Manage - Locations':
After you complete hotspot configuration, service will start on your guest Wi-Fi (it's the 'Guest network' by default). The guest network in this case can be either with a password (WPA-PSK) or without a password.
Keenetic allows you to separate guest network (Captive portal) and main network. Those users who connect to guest network need to pass authorization to access the Internet. And those users or network devices that connect to the main network will have access to the network without authorization. It could be system administrators or cameras. Each LAN port could be independently configured for one of the networks.
If you want to extend your wireless network coverage area, include Captive portal, you may connect additional router to your main router in 'Access point' mode.
Example of Captive portal connection
After connecting the mobile device to the public (guest) network, when you first time access any website on the Internet, you will be redirected to a special authorization page.
Choose the type of access your which you configured before when you added the hotspot.
TIP: TIP: Manual configuration of Captive Portal.
It is possible to configure the Captive Portal service provider profile manually if the provider provides connection data.
The profile for manual configuration is presented below.