Deployment Guide
Table Of Contents
- Table of Contents
- Preface
- About Extreme Campus Controller Deployment
- Configuring DHCP, NPS, and DNS Services
- Centralized Site with a Captive Portal
- Centralized Site with AAA Network
- Deploying a Mesh Network
- Configuring an External NAC Server for MBA and AAA Authentication
- Manage RADIUS Servers for User Authentication
- External Captive Portal on a Third-Party Server
- Access Control Rule Admin Portal Access
- Deploying Centralized Web Authentication
- Deploying ExtremeCloud IQ - SE as an External Captive Portal
- Deployment Strategy
- Configuring an External Captive Portal Network
- Editing the Configuration Profile for Network and Roles
- Extreme Campus Controller Default Pass-Through Rule
- Adding Extreme Campus Controller as a Switch to ExtremeCloud IQ - Site Engine
- Editing the Unregistered Policy on ExtremeCloud IQ - Site Engine
- Editing the ExtremeCloud IQ - Site Engine Profile for Policy and Location-Based Services
- Deploying an ExtremeGuest Captive Portal
- Deploying Client Bridge
- Deploying an Availability Pair
- Deploying Universal APs
- Extreme Campus Controller Pair with ExtremeLocation and AirDefense
- ECP Local Authentication
- PHP External Captive Portal, Controller’s Firewall Friendly API
- Index
$token = isset($_REQUEST['token']) ? $_REQUEST['token'] : "";
if(!tokenCheck($token)) {
printError("Error: <span style='color:red'>Failed to process the request: incorrect
token.</span>");
exit;
} else if(isset($hwc_port) && !is_numeric($hwc_port)) {
printError("Error: <span style='color:red'>Failed to process the request: incorrect
port.</span>");
exit;
}else if($mu_mac && !macCheck($mu_mac)) {
printError("Error: <span style='color:red'>Failed to process the request: incorrect
client MAC address.</span>");
exit;
} else if(!empty($wlan) && !is_numeric($wlan)) {
printError("Error: <span style='color:red'>Failed to process the request: incorrect
WLAN.</span>");
exit;
}
//escape the parameters
$dest =convertUrlParam($dest);
$bssid = convertUrlParam($bssid);
$vns = convertUrlParam($vns);
$ap_name = convertUrlParam($ap_name);
// 3. Compose the login page and send it to the user. The page
// is used to store session data. This could have been
// stored in the user session variable or in cookies.
print compose_login_page($hwc_ip, $hwc_port, $token, $dest,
$wlan, $vns, $bssid, $mu_mac, $ap_name);
// 4. And exit. This script is finished executing.
exit;
// End of mainline
// A function that reconstructs the URL that the
// station was trying to Get, from the variables
// generated by the PHP runtime.
function getURL($data) {
$ssl = (!empty($data['HTTPS']) && $data['HTTPS'] == 'on') ? true:false;
$protocol = $ssl ? "https" : "http";
$port = $data['SERVER_PORT'];
$port = ((!$ssl && $port=='80') || ($ssl && $port=='443')) ? '' :
':'.$port;
$host = isset($data['HTTP_HOST']) ? $data['HTTP_HOST'] :
$data['SERVER_NAME'] . $port;
return $protocol . '://' . $host . $data['REQUEST_URI'];
}
// This function generates a basic login page containing a form
// that allows the user to submit credentials back to this
// server. The page displays the name of the VNS (service) that the user
// is associated to.
// A real login page normally has more content. This routine
// highlights the critical aspects of composing a login page so
// that when the user submits credentials, all the information
// that is necessary to manage the user's session is on the page.
function compose_login_page($hwc_ip, $hwc_port, $token, $dest,
$wlan, $vns, $bssid, $mu_mac, $ap_name)
{
$template = "<!DOCTYPE html>
<html>
<head>
<meta charset=\"ISO-8859-1\">
<title>Please Login</title>
</head>
<body>
<form id=\"Login\" name=\"Login\" method=\"post\" action=\"login.php\">
<table border='0' width='800' height='310' cellpadding='0'
PHP External Captive Portal, Controller’s Firewall
Friendly API net-auth.php
Extreme Campus Controller Deployment Guide for version 5.46.03 199