Manualshelf

User's Manual

ManualsBrandsHP ManualsSoftwareHP Cloud Network Manager Software Series
51525354555657585960
Session firewall based blacklisting
In session firewall based blacklisting, an Access Control List (ACL) rule automates blacklisting. When the ACL
rule is triggered, it sends out blacklist information and the client is blacklisted.
Configuring blacklist duration
To set the blacklist duration:
1. Select Wireless Configuration > Security > BLACKLISTING.
2. Under DYNAMIC BLACKLISTING:
a. For AUTH FAILURE BLACKLIST TIME, enter the duration after which the clients that exceed the
authentication failure threshold must be blacklisted.
b. For PEF RULE BLACKLISTED TIME, enter the duration after which the clients can be blacklisted due to an
ACL rule trigger.
You can configure a maximum number of authentication failures by the clients, after which a client must be
blacklisted. For more information on configuring maximum authentication failure attempts, see Configuring
security settings for a WLAN SSID profile on page 27.
Captive portal for guest access
This section provides the following information:
l Understanding captive portal on page 56
l Configuring a WLANSSID for guest access on page 57
l Configuring internal captive portal for guest network on page 60
l Configuring external captive portal for a guest network on page 61
l Configuring guest logon role and access rules for guest users on page 62
l Configuring captive portal roles for an SSID on page 63
l Configuring walled garden access on page 64
l Disabling captive portal authentication on page 65
Understanding captive portal
Cloud Network Manager supports the Captive portal authentication method. A web page is presented to guest
users when they try to access the internet in hotels, conference centers or Wi-Fi hotspots. The web page also
prompts the guest users to authenticate or accept the usage policy and terms. Captive portals are used at Wi-Fi
hotspots and can be used to control wired access as well.
The Cloud Network Manager Captive portal solution consists of:
l The captive portal web login page hosted by an internal or external server.
l The RADIUS authentication or user authentication against internal database of the AP.
l The SSID broadcast by the AP.
With Cloud Network Manager, administrators can create a wired or WLAN guest network based on Captive portal
authentication for guests, visitors, contractors, and any non-employee users who can use the enterprise Wi-Fi
network. Administrators can also create guest accounts and customize the Captive portal page with organization-
specific logo, terms, and usage policy. With Captive portal authentication and guest profiles, the devices
associating with the guest SSID are assigned an initial role and are assigned IP addresses. When a guest user
tries to access a URL through HTTP or HTTPS, the Captive portal web page prompts the user to authenticate with
a user name and password.
HP Cloud Network Manager | User Guide Wireless configuration | 56