Commands for Captive Portal

Table of Contents

12.1 Commands for authentication function

12.1.1 authentication-mode

Command: authentication-mode {chap | pap}
no authentication-mode
Function: This command is used to configure the encryption method used in authentication between client and authentication server. Use pap method or chap method.
Parameters:

  • chap: Challenge Handshake Authentication Protocol
  • pap: Password Authentication Protocol

Command mode: Captive Portal Configuration Mode
Default: chap authentication.
Usage guide: This command is used to configure the encryption method used in authentication between client and authentication server.
Example: Configure the authentication method as chap; delete chap configured to recover it to default.

active500EM(config-cp)#authentication-mode chap
active500EM(config-cp)#no authentication-mode

 

12.1.2 authentication-type

Command: authentication-type {internal | external}
Function: This command is used to configure the type of portal server. When it is configured as external, select the external portal server to launch the redirection page; when it is configured as internal, select built-in portal server to launch the redirection page. Built-in portal server function is provided by the portal server module within AC.
Parameters:

  • internal: internal portal server.
  • external: external portal server.

Command mode: Captive Portal Global Configuration Mode
Default: External portal server.
Usage guide: Set the portal server type.
Example: Configure the portal server type as external.

active500EM(config-cp)#authentication-type external

 

12.1.3 block

Command: block
no block
Function: Block all communications in the Captive Portal configuration. The users who have passed portal authentication will be forced offline and disassociated with the wireless authentication access point. A client that does not pass the portal authentication cannot be redirected and authenticated, and it will disassociate with the wireless controller and wireless authentication access point. The no command will disable this function and restore the normal user authentication function.
Parameters: None.
Command mode: Captive Portal Instance Configuration Mode
Default: None.
Usage guide: Block all communications of Captive Portal configuration.
Example: Block all communications of Captive Portal configuration.

active500EM(config-cp-instance)#block

 

12.1.4 captive-portal

Command: captive-portal
Function: Use this command to enter Captive Portal configuration mode.
Parameters: None.
Command mode: Global Configuration Mode
Default: None.
Usage guide: Use this command to enter Captive Portal configuration mode.
Example: Enter Captive Portal configuration mode for configuration.

active500EM(config)#captive-portal
active500EM(config-cp)#

 

12.1.5 clear

Command: clear
Function: This command sets the configuration of the routine to the default value.
Parameters: None.
Command mode: Captive Portal Instance Configuration Mode
Default: None.
Usage guide: Set the configuration of the portal routine to the default value.
Example: Set the configuration of the routine to the default value.

active500EM(config-cp-instance)#clear

 

12.1.6 configuration

Command: configuration <cp-id>
no configuration <cp-id>
Function: Use this command to enter Captive Portal routines mode. The no command will delete the portal captive routine configuration.
Parameters:

  • <cp-id>: the number of Captive Portal routines; range is 1 to 10.

Command mode: Captive Portal Global Configuration Mode
Default: None.
Usage guide: This configuration is used to configure Captive Portal routines. Each routine represents a class of users; users under the same routine have the same flow and rate configuration. The no command will delete a Captive Portal configuration. If there is an interface associated with a routine, then the no command will be invalid.
Example: Set the ID parameter as 4.

active500EM(config-cp)#configuration 4

 

12.1.7 enable (global)

Command: enable
disable
Function: Use this command to enable the Captive Portal function of the controller globally. Use the disable function to disable the Captive Portal function of the controller globally.
Parameters: None.
Command mode: Captive Portal Global Configuration Mode
Default: Disabled.
Usage guide: Use this command to enable global Captive Portal characteristics on the controller.
Example: Enable the global Captive Portal function on the controller.

active500EM(config-cp)#enable

 

12.1.8 enable (routine)

Command: enable
disable
Function: Enable Captive Portal configuration.
Parameters: None.
Command mode: Captive Portal Instance Configuration Mode
Default: Enable Captive Portal configuration.
Usage guide: disable command will disable the captive-portal function; after disabling this command, the portal users will be forced offline.
Example: Enable captive-portal function.

active500EM(config-cp-instance)#enable

 

12.1.9 external portal-server server-name

Command: external portal-server server-name <name> {ipv4 | ipv6} <ipaddr> [port <1- 65535>] no external portal-server {ipv4 | ipv6}server-name <name>
Function: Configure the external portal server. Launch the redirect page through this server. After inputting the correct username and password, the authentication is successful and the wireless client can access the outside network.
Parameters:

  • <name>: name of external portal server.
  • <ipaddr>: IP address of external portal server.
  • ipv4: the configured portal server address is ipv4 address.
  • ipv6: the configured portal server address is ipv6 address.
  • <1-65535>: number of portal server.

Command mode: Captive Portal Global Configuration Mode
Default: None.
Usage guide: Configure external portal servers; 10 can be configured at most. Each Captive Portal configuration can be bound to one portal server.
Example: Configure a external portal server.

active500EM(config-cp)#external portal-server server-name x1 ipv4 1.0.0.1 port 11111

 

12.1.10 http port

Command: http port <port-num>
no http port
Function: Use this command to add additional HTTP ports. The no command will restore the default http port configuration.
Parameters:

  • <port-num>: the effective port range is 0 to 65535; port 80 and 443 are reserved. HTTP default port is 0, which means there is no additional port added and the default port (80) has been used.

Command mode: Captive Portal Instance Configuration Mode
Default: 0.
Usage guide: This command can add or delete additional HTTP authentication ports. The client can launch authentication to the added port and receive a response. The no command will delete the added additional HTTP port, and the userâ????s HTTP request will be responded to automatically through port 80.
Example: Add HTTP port 88.

active500EM(config-cp-instance)#http port 88

 

12.1.11 interface ws-network

Command: interface ws-network <1-1024>
no interface ws-network <1-1024>
Function: The command can bind the Captive Portal interface and the captive configuration. The no command will remove the configuration.
Parameters:

  • <1-1024>: network ID.

Command mode: Captive Portal Instance Configuration
Default: None.
Usage guide: The command can bind the Captive Portal interface and the captive configuration.
Example: Bind the network of interface 4 to the Captive Portal routine.

active500EM(config-cp-instance)#interface ws-network 4

 

12.1.12 max-bandwidth-down

Command: max-bandwidth-down <0-536870911>
no max-bandwidth-down
Function: Use this command to define the maximum downlink data rate of the client network. The no command will restore the rate to the default state.
Parameters:

  • <0-536870911>: the maximum downlink data rate of client network; the unit is byte.

Command mode: Captive Portal Instance Configuration Mode
Default: 0.
Usage guide: This command defines the maximum rate of the downlink data; the unit is bps. The userâ????s downlink maximum rate cannot exceed the set value.
Example: Define the maximum data rate that client can receive from network as 4096.

active500EM(config-cp-instance)#max-bandwidth-down 4096

 

12.1.13 max-bandwidth-up

Command: max-bandwidth-up <0-536870911>
no max-bandwidth-up
Function: This command defines the maximum data rate the client can send to the network. The no command will restore the rate limit to the default state.
Parameters :

  • <0-536870911>: the maximum data rate the client can send to the network; the unit is byte.

Command mode: Captive Portal Instance Configuration Mode
Default: 0.
Usage guide: This command defines the maximum rate of the uplink data; the unit is bps. The userâ????s uplink maximum rate cannot exceed the set value when the parameter is set.
Example: Define the maximum data rate the client can send to the network as 4096.

active500EM(config-cp-instance)#max-bandwidth-up 4096

 

12.1.14 max-input-octets

Command: max-input-octets <0-4294967295>
no max-input-octets
Function: This command defines the maximum bytes that users are able to transmit. After reaching the defined restriction the user will be disconnected. The no command means the rate is not limited.
Parameters:

  • <0-4294967295>: the maximum bytes that users are able to transmit; unit is byte. The value of 0 means that the restriction function does not take effect.

Command mode: Captive Portal Instance Configuration Mode
Default: 0.
Usage guide: This command limits the maximum bytes a user can transmit; the maximum transmitting bytes cannot exceed the restriction threshold used by network resources. If it exceeds, the user will be disconnected.
Example: Define the maximum bytes that users are able to transmit to 4096.

active500EM(config-cp-instance)#max-input-octets 4096

 

12.1.15 max-output-octets

Command: max-output-octets <0-4294967295>
no max-output-octets
Function: This command defines the maximum bytes that the user can receive. After reaching the restriction defined, the user will be disconnected. The no command means the rate is not limited.
Parameters:

  • <0-4294967295>: the maximum bytes that the user can receive; unit is byte. The value of 0 means that the restriction function does not take effect.

Command mode: Captive Portal Instance Configuration Mode
Default: 0.
Usage guide: The command limits the maximum bytes outputting user can transmit; the maximum transmitting bytes cannot exceed the restriction threshold used by network resources. If it exceeds the threshold, the user will be disconnected.
Example: Define the maximum bytes that the user can receive as 1024.

active500EM(config-cp-instance)#max-output-octets 1024

 

12.1.16 max-total-octets

Command: max-total-octets <0-4294967295>
no max-total-octets
Function: This command defines the maximum number of bytes that users are allotted to send and receive. After reaching the restriction defined, the user will be disconnected. The no command means the rate is not limited.
Parameters:

  • <0-4294967295>: the maximum number of bytes that users are allotted to send and receive; unit is byte. The value of 0 means that the restriction function does not take effect.

Command mode: Captive Portal Instance Configuration Mode
Default: 0.
Usage guide: The command limits the maximum number bytes for users to send and receive; the maximum sending and receiving bytes cannot exceed the restriction threshold used by network resources. If it exceeds, the user will be disconnected.
Example: Set the maximum number of bytes that allows users to send and receive as 1024.

active500EM(config-cp-instance)#max-total-octets 1024

 

12.1.17 name

Command: name <cp-name>
no name
Function: Define the name of Captive Portal configuration.
Parameters:

  • <cp-name>: the name of Captive Portal configuration; up to 32 characters can be included and they can be a combination of numbers and letters.

Command mode: Captive Portal Instance Configuration Mode
Default: None.
Usage guide: Define the name of Captive Portal configuration.
Example: Define the name of Captive Portal configuration as abc123.

active500EM(config-cp-instance)#name abc123

 

12.1.18 portal-server

Command: portal-server {ipv4 | ipv6} <name>
no portal-server {ipv4 | ipv6}
Function: This command can bind specific external portal server for the CP configuration. Networks under this CP configuration all redirect authentication through this portal server.
Parameters:

  • <name>: binding portal server name.
  • ipv4: the bond portal server address is ipv4 address .
  • ipv6: the bond portal server address is ipv6 address.

Command mode: Captive Portal Instance Configuration Mode
Default: None.
Usage guide: Use this command to bind a specific external portal server for the CP configuration. It can also unbind the specific external portal server.
Example: Bind specific external portal server for the CP configuration.

active500EM(config-cp-instance)#portal-server ipv4 x1

 

12.1.19 protocol

Command: protocol {http | https}
Function: Configure a protocol mode Captive Portal supports.
Parameters:

  • http: select http mode.
  • https: select https mode.

Command mode: Captive Portal Instance Configuration Mode
Default: https mode.
Usage guide: Configure a protocol mode Captive Portal supports.
Example: Configure a protocol mode Captive Portal supports.

active500EM(config-cp-instance)#protocol https

 

12.1.20 radius-auth-server

Command: radius-auth-server <server-name>
no radius-auth-server
Function: Use this command to define the RADIUS authentication server of the Captive Portal configuration. The no command deletes the configuration.
Parameters:

  • <server-name>: radius authentication server name of Captive Portal configured.

Command mode: Captive Portal Instance Configuration Mode
Default: None.
Usage guide: Define the RADIUS authentication server of the Captive Portal configuration.
Example: Define the RADIUS authentication server of the Captive Portal configuration as radius_aaa_1.

active500EM(config-cp-instance)#radius-auth-server radius_aaa_1

 

12.1.21 show captive-portal

Command: show captive-portal
Function: Shows the characteristics status of the Captive Portal.
Parameters: None.
Command mode: Admin Mode
Default: None.
Usage guide: Show the relevant parameters of the Captive Portal function on this AC.
Example: Show Captive Portal status of enable and disable.
Captive Portal enable:

active500EM#show captive-portal
Administrative Mode............................ Enable
Operational Status............................. Enabled
CP IP Address.................................. 192.168.1.15

Captive Portal disable:

active500EM#show captive-portal
Administrative Mode............................ Disable
Operational Status............................. Disabled
Disable Reason................................. Administrator Disabled
CP IP Address.................................. 0.0.0.0

 

12.1.22 show captive-portal status

Command: show captive-portal status
Function: Shows the status of all the Captive Portals in the system.
Parameters: None.
Command mode: Admin Mode
Default: None.
Usage guide: This command shows the Captive Portal configuration and the supported property parameters on this AC.
Example: Show the Captive Portal status of the controller.

active500EM#show captive-portal status
Peer Switch Statistics Reporting Interval...... 120
Authentication Timeout......................... 300
Authentication Type............................ External
Supported Captive Portals...................... 10
Configured Captive Portals..................... 9
Active Captive Portals......................... 0
Local Supported Users.......................... 128
Configured Local Users......................... 0
System Supported Users......................... 1024
Authenticated Users............................ 0

 

12.1.23 show captive-portal trapflags

Command: show captive-portal trapflags
Function: Shows the available captive-portal SNMP traps.
Parameters: None.
Command mode: Admin Mode
Default: None.
Usage guide: Shows the tracking status parameters of the portal users.
Example: Show the available captive-portal SNMP traps.

active500EM#show captive-portal trapflags
Client Authentication Failure Traps............ Enable
Client Connection Traps........................ Enable
Client Database Full Traps..................... Enable
Client Disconnection Traps..................... Enable

 

12.1.24 show captive-portal configuration

Command: show captive-portal configuration <cp-id>
Function: Show the status of Captive Portal configuration.
Parameters:

  • <cp-id>: the ID number of Captive Portal; range is 1 to 10.

Command mode: Admin Mode
Default: None.
Usage guide: Show the configured parameters of the portal routine.
Example: Show the configured situation of Captive Portal 1.

active500EM#show captive-portal configuration 1
CP ID.......................................... 1
CP Name........................................ AC2_CP1
Operational Status............................. Enabled
Block Status................................... Not Blocked
Configured Locales............................. 1
Authenticated Users............................ 0

 

12.1.25 show captive-portal configuration interface

Command: show captive-portal configuration <cp-id> interface ws-network <id>
Function: Shows the interface information assigned to the Captive Portal configuration.
Parameters:

  • <cp-id>: ID number of cp.
  • <id>: the ID number of network binding to Captive Portal routine.
  • <cp-id> shows the content of a routine, while <id> shows the content of a network.

Command mode: Admin Mode
Default: None.
Usage guide: Shows the interface state of the a portal routine.
Example: Shows all the interface information of Captive Portal configuration.

active500EM#show captive-portal configuration 1 interface ws-network 1
CP ID.......................................... 1
CP Name........................................ AC2_CP1
Interface...................................... 11000
Interface Description.......................... Wireless Network 1
Operational Status............................. Enabled
Block Status................................... Not Blocked
Authenticated Users............................ 0

 

12.1.26 show captive-portal configuration status

Command: show captive-portal configuration [<cp-id>] status
Function: Shows the configuration information of all or specific Captive Portals.
Parameters:

  • <cp-id>: ID number of cp. The parameter <cp-id> means the content of a routine; without the parameter, show all the current configured routine parameters.

Command mode: Admin Mode
Default: None.
Usage guide: Show detailed configuration parameters of the portal routine.
Example: Show Captive Portal configuration status of all the routines:

active500EM#show captive-portal configuration status
CP ID       CP Name         Mode   Protocol Verification  AuthMethod
----- -------------------- ------- -------- ------------ ------------
1     AC2_CP1              Enable  HTTP     RADIUS
2     Default              Enable  HTTP     RADIUS
3     Default              Enable  HTTP     RADIUS
10    Default              Enable  HTTP     RADIUS

 

12.1.27 show captive-portal client status

Command: show captive-portal client [<FF-FF-FF-FF-FF-FF> { ipv4 | ipv6} <ip-addr>] status
Function: This command shows detailed connection information or an overview of users connected to the Captive Portal.
Parameters:

  • <FF-FF-FF-FF-FF-FF>: the MAC address of the user.
  • ipv4: user address is ipv4 address.
  • ipv6: user address is ipv6 address.
  • <ip-addr>: user address. ipv4 address uses decimal format with point, while ipv6 address uses the format of X:X::X:X.

Command mode: Admin Mode
Default: None.
Usage guide: This command shows the status of all or a portal user.
Example: Show detailed information of the user connected to the Captive Portal with MAC address of 34-08-04-30-07-ca.

active500EM#show captive-portal client 34-08-04-30-07-ca ipv4 192.168.1.1 status
Client MAC Address............................. 34-08-04-30-07-ca
Client IP Address.............................. 192.168.1.1
Protocol Mode.................................. HTTP
Verification Mode.............................. RADIUS
CP ID.......................................... 1
CP Name........................................ AC2_CP1
Interface...................................... 11002
Interface Description.......................... Wireless Network 3
User Name...................................... a1
Session Time................................... 0d:00:00:21
Switch MAC Address............................. f8-f7-d3-00-03-f0
Switch IP Address.............................. 192.168.1.1
Switch Type.................................... Local

 

12.1.28 show captive-portal configuration client

Command: show captive-portal configuration [<cp-id>] client status
Function: This command shows the client information through the portal authentication in an interface.
Parameters:

  • <cp-id>: ID number of Captive Portal.

Command mode: Admin Mode
Default: None.
Usage guide: This command shows the user parameters of a portal routine.
Example: Show all the portal configuration information of the client passed authentication.

active500EM#show captive-portal configuration 1 client status
CP ID.......................................... 1
CP Name........................................ AC2_CP1
Client            Client
MAC Address       IP Address      Interface Interface Description
----------------- --------------- --------- ----------------------------------------------
34-08-04-30-07-ca 100.1.1.1       11002     Wireless Network 3

 

12.1.29 show captive-portal ext-portal-server status

Command: show captive-portal ext-portal-server status
Function: Use this command to check the status of the external portal server.
Parameters: None.
Command mode: Admin Mode
Default: None.
Usage guide: Check the status of the external portal server.
Example: Check the status of the external portal server.

active500EM#show captive-portal ext-portal-server status
Server              IP Address      Port
Name
------------------- --------------- --------
x1                  192.168.1.10    1
x2                  192.168.1.12    2
x3                  192.168.1.13    3
x4                  192.168.1.14    4
x5                  192.168.1.15    5
x6                  192.168.1.16    6
x7                  192.168.1.17    7
x8                  192.168.1.18    8
x9                  192.168.1.19    9
x10                 192.168.1.20    10

 

12.1.30 show captive-portal interface ws-network client status

Command: show captive-portal interface ws-network <1-1024> client status
Function: This command shows the information of all or a specific interface of certified clients.
Parameters:

  • <1-1024>: network ID.

Command mode: Admin Mode
Default: None.
Usage guide: This command shows the information of an online portal user of a network.
Example: Show the certified client information on the specific network.

active500EM#show captive-portal interface ws-network 3 client status
Interface...................................... 11002
Interface Description.......................... Wireless Network 3
Client            Client
MAC Address       IP Address CP ID CP Name    Protocol               Verification
----------------- ---------- ----- ---------- ---------------------- ----
34-08-04-30-07-ca 192.168.1.1 1    AC2_CP1    HTTP                   RADIUS

 

12.1.31 show captive-portal interface configuration status

Command: show captive-portal interface configuration [<cp-id>] status
Function: This command shows the interface information of all Captive Portal configurations or a specific configuration.
Parameters:

  • <cp-id>: Captive Portal ID.

Command mode: Admin Mode
Default: None.
Usage guide: This command shows the binding relationship of all or a portal routines with interface.
Example: Show the interface information of all Captive Portal configuration.

active500EM#show captive-portal interface configuration status
CP ID   CP Name   Interface   Interface Des.       Type
------  --------  ----------  -------------------  ---------
1       AC2_CP1   11000       Wireless Network 1   Wireless
                  11001       Wireless Network 2   Wireless
                  11002       Wireless Network 3   Wireless
                  11003       Wireless Network 4   Wireless
2       Default   11004       Wireless Network 5   Wireless
3       Default   11005       Wireless Network 6   Wireless

 

12.1.32 show captive-portal interface capability ws-network

Command: show captive-portal interface capability ws-network <1-1024>
Function: This command shows all selected Captive Portal interface information, or specific Captive Portal interface ability.
Parameters:

  • <1-1024>: network ID.

Command mode: Admin Mode
Default: None.
Usage guide: This command shows the property parameters of the network that binds to portal supports.
Example: Show the interface information of the specific Captive Portal.

active500EM#show captive-portal interface capability ws-network 2
Interface...................................... 11001
Interface Description.......................... Wireless Network 2
Interface Type................................. Wireless
Session Timeout................................ Supported
Idle Timeout................................... Supported
Bytes Received Counter......................... Supported
Bytes Transmitted Counter...................... Supported
Packets Received Counter....................... Supported
Packets Transmitted Counter.................... Supported
Roaming........................................ Supported

 

12.1.33 snmp-server enable traps captive-portal

Command: snmp-server enable traps captive-portal
Function: Enable Captive Portal traps globally; the no command will disable this function.
Parameters: None.
Command mode: Global Configuration Mode
Default: Disabled.
Usage guide: When enabling the trap function of the Captive Portal, if the portal user authentication fails, the connection is successful. The controller authentication table is full and disassociated, and messages can be sent to the configured trap server to inform the server.
Example: Enable Captive Portal traps.

active500EM(Config)#snmp-server enable traps captive-portal

 

12.1.34 statistics interval

Command: statistics interval <0 | 15-3600>
no statistics interval
Function: Use this command to configure the interval of the controller sending portal user statistics information to the controller in the cluster. The no command will restore the default value.
Parameters:

  • <0 | 15-3600>: interval of sending portal user statistics information; unit is second. The parameter 0 means to disable this function.

Command mode: Captive Portal Global Configuration Mode
Default: 120s.
Usage guide: The interval of sending userâ????s information to the controller in the cluster can be changed from 15 to 3600 seconds freely.
Example: Configure the interval of controller sending portal user statistics information to the controller in the cluster as 120s.

active500EM(config-cp)#statistics interval 120

 

12.1.35 trapflags

Command: trapflags {client-auth-failure | client-connect | client-db-full | client- disconnect}
no trapflags {client-auth-failure | client-connect | client-db-full | client- disconnect}
Function: Use this command to enable capture of the portal SNMP traps. The no command will disable this function.
Parameters:

  • client-auth-failure: allow the SNMP interface routine to send a trap when a client failed to pass the Captive Portal authentication .
  • client-connect: allow the SNMP interface routine to send a trap when a client passes the Captive Portal authentication.
  • client-db-full: allow the SNMP interface routine to send a trap when there is an entity which cannot be added because the local database is full.
  • client-disconnect: allow the SNMP interface routine to send a trap when the client is disconnected from the Captive Portal.

Command mode: Captive Portal Global Configuration Mode
Default: Disabled.
Usage guide: The controller sends messages to the SNMP server when the user authentication fails. When the authentication is successful, the controller state table is full and the user is disconnected. If the parameters are not configured, all traps are enabled. SNMP traps can also use optional parameters by themselves.
Example: Set the SNMP interface routine to send a trap when a client fails to pass the Captive Portal authentication.

active500EM(config-cp)#trapflags client-auth-failure

 

12.2 Commands for accounting function

12.2.1 captive-portal client deauthenticate

Command: captive-portal client deauthenticate [<1-10> | <FF-FF-FF-FF-FF-FF> {ipv4 | ipv6} <ip-addr>] Function: Use this command to disassociate with the specified Captive Portal client.
Parameters:

  • <1-10>: Captive Portal ID.
  • <FF-FF-FF-FF-FF-FF>: MAC address of the client.
  • ipv4: user address is ipv4 address.
  • ipv6: user address is ipv6 address.
  • <ip-addr>: user address. ipv4 address is in decimal format A.B.C.D, while ipv6 address is in format X:X::X:X.

Command mode: Admin Mode
Default: None.
Usage guide: Use this command to disassociate with the client of the appointed MAC address; it can also remove all or a single user in the specified Captive Portal configuration. With no parameters, it can remove all users.
Example: Disassociate with the specified Captive Portal client.
Force the portal user offline on the controller:

active500EM#captive-portal client deauthenticate
The specified clients will be deauthenticated. Are you sure you want to deauthenticate clients? [Y/N]

Force the user offline on the routine 1:

active500EM#captive-portal client deauthenticate 1

Force a specific user offline:

active500EM#captive-portal client deauthenticate 34-08-04-30-07-ca ipv4 192.168.1.15

 

12.2.2 idle-timeout

Command: idle-timeout <0-900>
no idle-timeout
Function: Defines the user idle timeout of the Captive Portal configuration; if the configured value is exceeded and there is still no network traffic when the user passes portal authentication, the client will be forced offline. The no command will disable this function.
Parameters:

  • <0-900>: user idle timeout; unit is second. 0 means the function is not effective and the idle time is not limited.

Command mode: Captive Portal Instance Configuration Mode
Default: 0.
Usage guide: Defines the user idle timeout of the Captive Portal configuration. If configured as 0, the function is not effective.
Example: Define the user idle timeout of the Captive Portal configuration as 120s.

active500EM(config-cp-instance)#idle-timeout 120

 

12.2.3 radius accounting

Command: radius accounting
no radius accounting
Function: Use this command to enable the accounting function of the Captive Portal routine. The no command will disable the function.
Parameters: None.
Command mode: Captive Portal Instance Configuration Mode
Default: Disable the function of Captive Portal accounting.
Usage guide: Configure Captive Portal accounting function.
Example: Enable the accounting function of a Captive Portal routine.

active500EM(config-cp-instance)#radius accounting

 

12.2.4 radius-accounting update interval

Command: radius-accounting update interval <60-3600>
no radius-accounting update interval
Function: Configure the accounting updating interval of the portal user of AC sent to the radius. The no command will restore the default value.
Parameters:

  • <60-3600>: interval; unit is seconds.

Command mode: Captive Portal Instance Configuration Mode
Default: 300s.
Usage guide: Configure the accounting updating interval of the Captive Portal.
Example: Configure the accounting updating interval of the portal user of the AC sent to the radius as 60s.

active500EM(config-cp-instance)#radius-accounting update interval 60

 

12.2.5 radius-acct-server

Command: radius-acct-server <server-name>
no radius-acct-server
Function: Defines the RADIUS accounting server name of the Captive Portal configuration. The no command will delete the configuration.
Parameters:

  • <server-name>: radius accounting server name.

Command mode: Captive Portal Instance Configuration Mode
Default: None.
Usage guide: Define the RADIUS accounting server of Captive Portal configuration.
Example: Define the RADIUS accounting server of Captive Portal configuration as radius_aaa_1.

active500EM(config-cp-instance)#radius-acct-server radius_aaa_1

 

12.2.6 session-timeout

Command: session-timeout <0-86400>
no session-timeout
Function: Define session timeout of Captive Portal configuration. The no command will disable this function.
Parameters:

  • <0-86400>: session timeout; unit is second. 0 means timeout function is not effective.

Command mode: Captive Portal Instance Configuration Mode
Default: 0.
Usage guide: Define session timeout of Captive Portal configuration.
Example: Define session timeout of Captive Portal configuration as 100s.

active500EM(config-cp-instance)#session-timeout 100

 

12.2.7 show captive-portal client statistics

Command: show captive-portal client <FF-FF-FF-FF-FF-FF> { ipv4 | ipv6} <ip-addr>] statistics
Function: Show the specific Captive Portal client statistics.
Parameters:

  • <FF-FF-FF-FF-FF-FF>: MAC addresses of users that passed portal authentication.
  • ipv4: user address is ipv4 address.
  • ipv6: user address is ipv6 address.
  • <ip-addr>: user address. ipv4 address is in decimal format with point, while ipv6 address is the format of X:X::X:X.

Command mode: Admin Mode
Default: None.
Usage guide: This command shows traffic statistics information of a portal user.
Example: Show the client statistics with the MAC address of 34-08-04-30-07-ca.

active500EM#show captive-portal client 34-08-04-30-07-ca ipv4 192.168.1.15 statistics
Client MAC Address............................. 34-08-04-30-07-ca
Bytes Received................................. 88964
Bytes Transmitted.............................. 15157
Packets Received............................... 1153
Packets Transmitted............................ 22

 

12.3 Commands for free-resource

12.3.1 free-resource (global)

Command: free-resource <rule-number> {destination {any | { ipv4 | ipv6} <ip-addr> } | source {any | { ipv4 | ipv6} <ip-addr> }}
no portal free-resource {<rule-number> | all}
Function: Configure the free-resource rules; the wireless client who conforms the source IP address in rules can access the resources of the destination IP address. The AP does not redirect, the client can access directly without Portal authentication.
Parameters:

  • <rule-number>: free-resource ID.
  • ipv4: the configured free-resource address is ipv4 address.
  • ipv6: the configured free-resource address is ipv6 address.
  • <ip-addr>: free-resource rules interviewees?/visitors? IP addresses.
  • <netmask>: free-resource rules interviewees?/visitors? IP addresses.

Command mode: Captive Portal Global Configuration Mode
Default: None.
Usage guide: Configure the wireless client address segment (visitor) that can be free to access the resources and the address segment that is free to provide the resource (interviewee).
Example: Set free-resource rules.

active500EM(config-cp)#free-resource 1 destination ipv4 192.168.1.100/8 source ipv4 192.168.1.102/8

 

12.3.2 free-resource (routine)

Command: free-resource <rule-number>
no free-resource <rule-number>
Function: Configure free-resource rules for CP configuration. Network binding to this CP configuration can determine whether the flow sent from the client can be directly released without authentication according to this rule.
Parameters:

  • <rule-number>: free-resource rule number.

Command mode: Captive Portal Instance Configuration Mode
Default: None.
Usage guide: Bind a free-resource rule to the CP configuration; the CP configuration can bind several rules. A rule can be bound to a number of CP configurations. Rules are distributed to the AP; on AP, the packets in rules sent from the client will be directly released whether or not the client passed authentication.
Example: Bind free-resource rules.

active500EM(config-cp -instance)#free-resource 1

 

12.3.3 show captive-portal free-resource status

Command: show portal free-resource status
Function: Use this command to check the free-resource status.
Parameters: None.
Command mode: Admin Mode
Default: None.
Usage guide: Check the free-resource status.
Example: Check the free-resource status.

active500EM(config-cp-instance)#show captive-portal free-resource status
        Destination      Destination Source          Source
Rule ID IP Address       Mask length IP Address      Mask length
-------- --------------- ----------- --------------- -----------
1        192.168.1.100   8           192.168.1.102   8
2        192.168.1.200   8           192.168.1.201   8

 

12.4 Commands for MAC portal

12.4.1 mac-portal authentication

Command: mac-portal authentication
no mac-portal authentication
Function: Enable/disable the MAC portal function of a portal routine.
Parameters: None.
Command mode: Captive Portal Routine Configuration Mode
Default: None.
Usage guide: Enable the MAC portal function of a portal routine.
Example: Enable MAC portal function of configuration 1.

active500EM(config-cp-instance)#mac-portal authentication

 

12.4.2 mac-portal known-client

Command: mac-portal known-client <macaddr>
no mac-portal known-client <macaddr>
Function: Add/delete the MAC address of a client that is a MAC portal user.
Parameters:

  • <macaddr>: client mac address.

Command mode: Captive Portal Configuration Mode
Default: None
Usage guide: Add a client MAC address enabled MAC portal function.
Example: Add a client MAC address enabled MAC portal function.

active500EM(config-cp)#mac-portal known-client e0-05-c5-8e-10-05