Preface
- Text Conventions
- Platform-Dependent Conventions
- Providing Feedback to Us
- Getting Help
- Documentation and Training
About this Guide
- Notational Conventions
Introduction
- WiNG 7.1.X Operating System Overview
- CLI Overview
User Exec Mode Commands
- user-exec-commands
  - captive-portal-page-upload
  - change-password
  - clear
  - clock
  - cluster
  - commit
  - connect
  - crypto
  - create-cluster
  - crypto-cmp-cert-update
  - database
  - database-backup
  - database-restore
  - device-upgrade
  - enable
  - file-sync
  - help
  - join-cluster
  - l2tpv3
  - logging
  - mint
  - no
  - on
  - opendns
  - page
  - ping
  - ping6
  - ssh
  - telnet
  - terminal
  - time-it
  - traceroute
  - traceroute6
  - virtual-machine
  - watch
  - exit
Privileged Exec Mode Commands
- privileged-exec-commands
  - archive
  - boot
  - cd
  - configure
  - copy
  - cpe
  - delete
  - diff
  - dir
  - disable
  - edit
  - erase
  - ex3500
  - factory-reset
  - halt
  - mkdir
  - more
  - operational-mode
  - pwd
  - re-elect
  - reload
  - rename
  - rmdir
  - self
  - t5
  - upgrade
  - upgrade-abort
  - raid
  - no
Global Configuration Commands
- global-config-commands
Common Commands
- common-commands
  - clrscr
  - commit
  - exit
  - help
  - no
  - revert
  - service
  - show
  - write
Show Commands
- show-commands
  - show
  - adoption
  - bluetooth
  - boot
  - bonjour
  - captive-portal
  - captive-portal-page-upload (show commands)
  - cdp
  - classify-url
  - clock
  - cluster
  - cmp-factory-certs
  - commands
  - context
  - critical-resources
  - crypto
  - database
  - device-upgrade
  - dot1x
  - dpi
  - environmental-sensor
  - event-history
  - event-system-policy
  - ex3500
  - extdev
  - fabric-attach
  - file
  - file-sync
  - firewall
  - global
  - gps (show command)
  - gre
  - guest-registration
  - interface
  - iot-device-type-imagotag
  - ip
  - ip-access-list-stats
  - ipv6
  - ipv6-access-list
  - l2tpv3
  - lacp
  - ldap-agent
  - licenses
  - lldp
  - logging
  - mac-access-list-stats
  - mac-address-table
  - macauth
  - mac-auth-clients
  - mint
  - ntp
  - password-encryption
  - pppoe-client
  - privilege
  - radius
  - reload
  - rf-domain-manager
  - role
  - route-maps
  - rtls
  - running-config
  - session-changes
  - session-config
  - sessions
  - site-config-diff
  - smart-rf
  - snmpv3 (show command)
  - spanning-tree
  - startup-config
  - t5
  - terminal
  - timezone
  - traffic-shape
  - tron (show command)
  - upgrade-status
  - version
  - vrrp
  - virtual-machine
  - wireless
  - web-filter
  - what
  - wwan
Profiles
- Profile Config Commands
- Device Config Commands
  - adoption-site
  - area
  - channel-list
  - contact
  - country-code
  - floor
  - geo-coordinates
  - hostname
  - lacp
  - layout-coordinates
  - license
  - location
  - location-server
  - location-tenantid
  - mac-name
  - no
  - nsight
  - override-wlan
  - remove-override
  - rsa-key
  - sensor-server
  - timezone
  - trustpoint (device-config-mode)
  - raid
AAA Policy
- aaa-policy-commands
Auto-Provisioning Policy
- auto-provisioning-policy-commands
  - adopt
  - auto-create-rfd-template
  - default-adoption
  - deny
  - evaluate-always
  - redirect
  - upgrade
  - no
    - upgrade
Association-ACL Policy
- Association-acl-policy-commands
  - deny
  - permit
  - no
Access-List Policy
- ip-access-list
- mac-access-list
- ipv6-access-list
- ip-snmp-access-list
- ex3500-ext-access-list
- ex3500-std-access-list
DHCP-Server Policy
- dhcp-server-policy commands
- dhcpv6-server-policy commands
Firewall Policy
- firewall-policy-commands
  - acl-logging
  - alg
  - clamp
  - dhcp-offer-convert
  - dns-snoop
  - firewall
  - flow
  - ip
  - ip-mac
  - ipv6
  - ipv6-mac
  - logging
  - proxy-arp
  - proxy-nd
  - stateful-packet-inspection-12
  - storm-control
  - virtual-defragmentation
  - no
MiNT Policy
- mint-policy-commands
  - level
  - lsp
  - mtu
  - router
  - udp
  - no
Management Policy
- management-policy-commands
RADIUS Policy
- radius-group
  - guest
  - policy
  - rate-limit
  - no
- radius-server-policy
  - authentication
  - bypass
  - chase-referral
  - crl-check
  - ldap-agent
  - ldap-group-verification
  - ldap-server
  - local
  - nas
  - proxy
  - session-resumption
  - termination
  - use
  - no
- radius-user-pool-policy
  - duration
  - user
  - no
Radio-QoS Policy
- radio-qos-policy-commands
Role Policy
- role-policy-commands
SMART-RF Policy
- smart-rf-policy commands
WIPS Policy
- wips-policy-commands
WLAN-QoS Policy
- WLAN-QOS-Policy commands
L2TPv3 Policy
- l2tpv3-policy-commands
- l2tpv3-tunnel-commands
- l2tpv3-manual-session-commands
Router Mode
- router-mode-commands
Routing Policy
- routing-policy-commands
AAA-TACACS Policy
- aaa-tacacs-policy-commands
Meshpoint Policy
- meshpoint-config-instance
- meshpoint-qos-policy-config-instance
- meshpoint-device-config-instance
Passpoint Policy
- passpoint-policy
Crypto-CMP Policy
- crypto-cmp-policy-instance
- other-cmp-related-commands
  - use (other-cmp-related-commands)
  - show (other-cmp-related-commands)
Roaming Assist Policy
- roaming-assist-policy commands
Border Gateway Protocol
- bgp ip-prefix-list
- bgp ip-access-list
- bgp as-path-list
- bgp community-list
- bop ext-community-list
- bgp route-map
- bgp router-config
- bgp neighbor-config
Controller Managed WLAN Use Case
- CREATING A FIRST CONTROLLER MANAGED WLAN
AP Dual Modes of Operation
- Understanding Dual Mode Capability
AP5XX REV AA Upgrade Procedure
- Introduction
- Bulk 'Rev: AA' AP505/AP510 Upgrade through Virtual Controller
- Bulk 'Rev:AA' AP5XX Upgrade through WiNG Controller/ExtremeCloud Appliance

captive-portal

Configures a captive portal based filter for this user-defined role. A captive portal is a guest access policy that provides temporary and restrictive access to the wireless network. When applied to a WLAN, a captive portal policy ensures secure guest access.

This command defines user-defined role filters based on a wireless client‘s state of authentication.

Supported in the following platforms:

Access Points — AP505i, AP510i/e, AP560i/h
Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000

Syntax

captive-portal authentication-state [any|post-login|pre-login]

Parameters

captive-portal authentication-state [any|post-login|pre-login]

authentication-state	Defines the authentication state of a client connecting to a captive portal
any	Specifies any authentication state (authenticated and pending authentication). This is the default setting. This option makes no distinction on whether authentication is conducted before or after the wireless client has logged in.
post-login	Specifies authentication is completed successfully This option requires the wireless client to share authentication credentials after logging into the managed network.
pre-login	Specifies authentication is pending This option enables captive portal client authentication before the client is logged into the controller.

Examples

nx9500-6C8809(config-role-policy-test-user-role-testing)#captive-portal authentication-state pre-login

nx9500-6C8809(config-role-policy-test-user-role-testing)#show context
 user-role testing precedence 10
  authentication-type eq kerberos
  ap-location contains office
  captive-portal authentication-state pre-login
nx9500-6C8809(config-role-policy-test-user-role-testing)#

Related Commands

no	Removes the captive portal based role filter settings

Published July 2019prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback