Captive Portal Configuration
1.
Introduction
Captive Portal is a Guest
management platform for NetCyte NAC System. It is used for registering and
authentication of Guest users. It is also used for Authentication Portal for
Corporate users.
Because it is a web
application platform, its appearance should be customized based on user types
and needs. This document aims to explain how to customize Captive Portal servers from NAC Server
management panel
2. Captive
Portal
a. Installation
Captive
Portal is deployed as customized virtual machine images. These images can be
run on Hyper-V or VMWare ESXi Server.
Please use the below links to
download predefined Virtual Machine according to your virtualisation
environment.
For VMWare ESX Environment:
http://download.netcyte.co/NetCyte/NetCyte-Captive-ESX.zip
For Hyper-V Environment:
http://download.netcyte.co/NetCyte/NetCyte-Captive-HyperV.zip
For deployment of the virtual
machine, please refer to your virtualisation platform guide. Once you finish
deployment, you can access the Captive Portal through the console.
To log in to Captive Portal use:
Username: root
After the deployment
process, you can access the virtual machine via console. Once you log
in to the system, run the initialize_captive command on the console
to set initial system configuration and integrate your NetCyte NAC system.
Figure 1 Initialize Captive and
Integrate NAC System
|
Settings |
Explanation |
|
e0 settings |
Eth0, e0 is used for inline
deployment, and you can set any IP address. |
|
e1 settings |
Eth1, e1 is the interface
used for communication with external systems. Captive Portal will communicate
NetCyte NAC System, goes through the Internet and answer Client DNS request
via this IP. |
|
Database Used |
Type of database used. For
the NetCyte NAC Integration always select option 2. |
|
MS-SQL Remote IP |
Remote IP address of MSSQL
Database server. |
|
MS-SQL Database |
NetCyte NAC Server main
database name. Default is netcyte. |
|
MS-SQL Username |
MSSQL User name to access
netcyte database. This user should have Read/Write/Delete privileges on
netcyte database. If you are using NetCyte Preconfigured NAC Virtual Machine,
use "sa" as a user. |
|
MS-SQL Password |
The password of MSSQL user.
If you are using NetCyte Preconfigured NAC Virtual Machine uses
"Password12345!!" |
|
Connection Interval |
Define how often
Captive Portal will check configuration changes on NAC Database. |
|
LDAP/Domain |
Enter
your Active Directory IP address and FQDN of your domain |
Table 1 Captive Portal Initial
Settings
Once you finish
your settings, you can access Captive Portal using SSH via e1 IP Address. Also,
you can check your Captive Installation on NetCyte Management interface using
menu Captive Portal à Captive Portal Settings under Captive Monitoring.
Single NetCyte NAC Server can manage one or more Captive Portal at the same
time.
You can view which configuration profile is applied on each
captive portal. Configuration profiles are set of settings and files which are
pooled by the captive portal in each update interval which is configured during
Captive Portal initialisation. These settings and data together define how
captive portal shows up to uses. You can change applied configuration profile editing
Captive Portal using modify option.
b.
Creating Configuration Group
Configuration groups are located under the Captive PortalàCaptive Portal Settingsà
Group Configuration.
Figure 3 Captive Portal Configuration
Groups
Default Group is predefined configuration profile. You can edit this profile or create a copy of this profile by using Create Copy button under Modify column.
Figure 4 Create New Configuration
Profile
After creating a new configuration profile, one copy of Resource
and Resource Setting is also created for the new profile.
c.
Resource and Resource Settings
Resource and Resource settings contain actual settings and
appearance data. You can access both menus under the Captive Portal à Captive Portal Settings.
Resource settings keep files that are required during the
operation. They are mainly configuration and server-side PHP files. In general,
there is no need to change these file contents.
On the other hand, Resource Settings contains Setting Information and Text information of each page on the Captive Portal. So, Resource Settings play a crucial role in configuring view of Captive Portal.
Figure 5 Sample Resource Settings
As shown above figure, each Configuration group has its Resource Settings. Each Resource Settings (Name)
belong to Specific Settings Groups (Resource Name).
Resource Name indicates the location of settings in Captive
Portal User Interface. For Example, Settings_Guest contains setting information
about Guest Page of Captive Portal or Setting_Corporate contains settings
related with Corporate user page of Captive Portal.
Setting Group, whose name starts with the keyword “Settings_”,
is enabled or disabled. They do not contain text values shown in the Captive
Portal.
Setting Groups with names starting with “Translate_”
keyword contains Text information which is shown on the Captive Portal User
Interface.
If you want to enable/disable part of the menu, you need to
manipulate settings whose starts with “Settings_” keyword. If you want to edit the content
of a page, you need to edit the Settings
Groups whose name is predefined by key word “Translate_” Settings Groups
whose name is predefined by keyword “Translate_”.
Fallowing
tables summarize the definition of Setting Groups and Important Settings Names.
Setting Group Names:
Important Setting Names:
|
Settings_AppGlobal |
Global settings are changed from this field. |
|
Settings_Corporate |
Corporate settings are changed from this
field. |
|
Settings_Guest |
Guest settings are changed from this field. |
|
Settings_Eula |
EULA (End User License Agreement) settings are changed
from here. |
|
Settings_Index |
The captive portal home page is organized
from this area. |
|
Settings_Logout |
Logout page is changed from this field. |
|
Settings_Menu |
Menu settings are changed from this field. |
|
Settings_RegisterAccess |
Changes related to Register Access operations
are made here. |
|
Settings_ReportCom |
Error reporting is done in this area. |
|
Settings_ReqUserPwd |
Access request requests are set here. |
|
Settings_System |
System access type settings are changed from
this field. |
|
Settings_Thankyou |
Thankyou page is changed from this field. |
|
Settings_ToolTip |
Tool Tip settings are changed from this
field. |
|
Settings_WebNotification |
Web Notification is changed from this field. |
|
Translate_ |
The User Interface language settings are
changed here. |
|
LogLevel |
Log level settings are changed from this field. |
|
MultiTargetAuthSettings |
Active Directory or LDAP settings can be changed this field |
|
DEFAULT_ACCESS_TYPE |
Permissions on the
Network that a user can request. Note: Permissions must be defined first. |
|
DEFAULT_DURATION |
Duration of the
requested access. |
|
ENABLE_CAPTCHA |
Captcha is used to
prevent automated attacks in username and password fields. |
|
SEND_USERNAME_ PASSWORD_TO_GUEST |
Sends username and
password to guests via SMS |
|
REQUIRED_EULA |
Approval of EULA is
required. |
|
APPROVAL_EMAIL |
Approval of internet
access requests by a person, a group or an employee will be sent to this mail. If left empty, anyone matching the email
format specified in APPROVAL_MAIL_FORMAT can approve. |
|
APPROVAL_MAIL_FORMAT |
Specifies the mail
domain that can approve access requests. Example: cybercyte.com |
|
Languages |
End-user visible
languages of Captive Portal are selected. |
|
SERVER_CONFIG_0 |
LDAP and/or Active
Directory server configuration is specified here. |
|
DBROW_INITIAL_VALIDITY |
If internet access requests are allowed without any admin approval,
with the only SMS, this parameter should be set to 1. |
Please note that if you are using multiple configuration
profiles, ensure that you are selecting correct configuration profile while
doing your changes. Your changes will be updated by Captive Portal
automatically after next pooling from Database.
Related Articles
NetCyte DNS Security Quick Deployment Guide
Captive Portal Quick Deployment Guide 1. Summary This document is a summary of the quick deployment of the Captive Portal component of NetCyte NAC solution from pre-configured virtual appliances. 2. Objective The objective of the ...DnsCyte Quick Deployment
DnsCyte Quick Deployment Guide 1. Summary This document is a summary of the quick deployment for DNSCyte. 2. Objective The objective of the rapid deployment is to demonstrate discovery and analysis features of DNSCyte. DNSCyte is a DNS ...Alerts
1. Introduction Alert subsystem is an integral part of any system. NetCyte NAC supports SMTP (e-mail) and SMS (Text to Mobile Phone) based notifications. Different types of alerts can be routed, related person or team. 2. Alert Before ...