Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Configure an 802.1X WLAN to Redirect Clients to Specific Web Pages

SUMMARY Use the web redirect feature if you want to perform additional compliance checks after clients complete RADIUS authentication.

When you've set up your WLAN with WPA2/WPA3 Enterprise (802.1X) security, you can opt to redirect clients to a webpage (for example, a quarantined portal) after they successfully complete the 802.1X authentication. You can use the web redirect feature to give clients full or partial access to the network.

Note:

For this feature to work, your firmware version must be 0.7 or newer.

This feature enables you to perform compliance checks on clients with agents installed. During a client authentication, the RADIUS server sends an Access-Accept message containing a URL-redirect RADIUS Attribute Value Pair (AVP) to point the client to a quarantined portal for remediation.

When you enable this feature, the client is initially restricted to DHCP and DNS, specific subnets, and the specified redirect URL. When the client completes the requested action from the portal, then it is fully authorized and allowed to start passing traffic.

To configure a WLAN with the web redirect feature:

  1. Navigate to the WLAN.

    • If the WLAN is in a WLAN template, select Organization > Wireless | WLAN Templates, click the template, and then click the WLAN.

    • For a site-level WLAN, select Site > Wireless | WLANs, and then click the WLAN.

  2. In the 802.1X Web Redirect section, select Enabled.
    The 802.1X Web Redirect box is available only for the WLANs with security type Enterprise (802.1X).
  3. Specify the allowed subnets and hostnames accessible to the clients being redirected.
  4. Save the changes.