Configures the captive portal enforcement on this WLAN. When enabled, provides successfully authenticated guests temporary and restricted access to the network. If enforcing captive-portal authentication, associate captive-portal policy with the WLAN. For more information, see use (wlan-config-mode).

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000


captive-portal-enforcement {fall-back}


captive-portal-enforcement {fall-back}
captive-portal-enforcement Enables captive portal enforcement on a WLAN. This option is disabled by default.
fall-back Optional. Enforces captive portal validation if WLAN authentication fails (applicable to EAP or MAC authentication only)


nx9500-6C8809(config-wlan-test)#captive-portal-enforcement fall-back
nx9500-6C8809(config-wlan-test)#show context
wlan test
 ssid test
 bridging-mode local
 encryption-type none
 authentication-type eap
 accounting syslog host port 2
captive-portal-enforcement fall-back
 acl exceed-rate wireless-client-denied-traffic 20 disassociate
 broadcast-dhcp validate-offer

Related Commands

no (wlan-config-mode) Disables captive portal enforcement