User Guide
OmniAccess SafeGuard OS Administration Guide
226
Chapter 6: Configuring Authentication and Role Derivation
This command forces the user to use SSL when submitting their username and password.
It has no effect on ports added with the use-ssl keyword.
To disable HTTPS, use the no form of the command:
no aaa captive-portal https-login
This command has no options or parameters. For example:
(SafeGuardOS) #configure terminal
(SafeGuardOS)(config) #no aaa captive-portal https-login
(SafeGuardOS)(config) #exit
(SafeGuardOS) #
Captive Portal now runs under HTTP.
Specifying a Proxy Server
If you use an automatic proxy, the SafeGuard device does not display the login splash
page for Captive Portal. In order to display the login splash screen correctly, the IP
address of the proxy must be specified.
In the following example, we are resolving the Alcatel-Lucent Captive Portal splash
screen (cp.Alcatel-Lucent.com IP: 63.233.160.203).
(SafeGuardOS) #configure terminal
(SafeGuardOS) (config) #aaa captive-portal redirect-location cp.Alcatel-
Lucent.com
Captive-portal redirect url updated
(SafeGuardOS) (config) #aaa captive-portal redirect-port 16978
HTTP Redirect port now 16978
(SafeGuardOS) (config) #aaa captive-portal hijack-port 8088
HTTP hijack port 8088 added
(SafeGuardOS) (config) #aaa captive-portal use-popup
Popup enabled
(SafeGuardOS) (config) #aaa captive-portal proxy-ip 172.58.28.18
(SafeGuardOS) (config) #exit
(SafeGuardOS) #
Microsoft Windows proxy server settings are found under the Internet Connections,
Advanced Proxy Server Settings. Ensure that the DNS and IP address are in the
exceptions list.
NOTE: Hijack port settings only take effect after resetting the interface using
the aaa captive portal (Captive Portal enable) command.