Deployment Guide

ManualsBrandsDell ManualsAccess PlatformsW-Clearpass 100 Software

211

212

213

214

215

216

217

218

219

220

218 | Guest Management Amigopod 3.7 | Deployment Guide

Navigate to Administrator > Plugin Manager > Manage Plugins: MAC Authentication:

Configuration and enable MAC Detect.

Edit the header of your redirect landing page (login or registration) and include the following:

<p>{if $guest_receipt.u.visitor_name}

Welcome back to the show, {$guest_receipt.u.visitor_name|htmlspecialchars}!

{else}

Welcome to the show!

{/if}</p>

For debugging purposes, include the following to see all the fields available:

{dump var=$guest_receipt export=html}

Click-Through Login Pages

A click-through login page will present a splash or terms screen to the guest, yet still provide MAC-auth

style seamless authentication. Under this scenario, you could have people create an account, with a paired

MAC, yet still have them click the terms and conditions on every new connection.

Disable MAC authentication on the controller.

Navigate to Administrator > Plugin Manager > Manage Plugins: MAC Authentication:

Configuration and enable MAC Detect.

Create a Web Login

 Authentication: Anonymous

 Anonymous User: _mac (_mac is a special secret value)

 Pre-Auth Check: Local

 Terms: Require a Terms and Conditions confirmation

Set the Web login as your landing page and test. Using a registered device the 'Log In' button should be

enabled, otherwise it will be disabled.

You may also want to add a message so visitors get some direction.

<p>{if $guest_receipt.u.username}

{if $guest_receipt.u.visitor_name}

Welcome back, {$guest_receipt.u.visitor_name|htmlspecialchars}!

{else}

Welcome back.

{/if}

Please accept the terms before proceeding.

{else}

You need to register...

{/if}</p>

You can hide the login form by having the final line of the header be:

{if !$guest_receipt.u.username}<div style="display:none">{/if}

and the first line of the footer be:

{if !$guest_receipt.u.username}</div>{/if}

Active Sessions Management

The RADIUS server maintains a list of active visitor sessions. If your NAS equipment has RFC 3576 support,

the RADIUS dynamic authorization extensions allow you to disconnect or modify an active session.