Endpoint identification identifies which IPv4 address belongs to which user. This allows a method of user identification to be built using an IPv4 address-to-user mapping cache for policy matching.
If Cloud Edge cannot associate the user with an IPv4 address, Captive Portal can take over and authenticate the user with a web form.
- Access the Cloud Edge Cloud Console and go to Policies > IP Addresses/FQDNs.
- Click Add and fill up information as needed:
Name: Name of IP Object
Type: Choose IPv4 as Cloud Edge can only use IPv4 address for endpoint identification and captive portal
Address: LAN segment to implement endpoint identification and captive portal
- Click Save.
- On the same page, select "Gateway Profiles".
- Select the profile assigned to your Cloud Edge Gateway.
Default Profile is assigned by default.
- Select "Endpoint Identification" and click Add.
- Fill up the following fields:
Name: Profile Name
Captive Portal: Enable captive portal
Specify the address object affected by policies: LAN segment to implement endpoint identification and captive portal loginRefer to step 2.
- Click Save and then click Deploy All.
- Access Administration > Hosted Users & Groups and then click Add under Hosted Users.
Set up username and password, as clients prompted for Captive Portal Login need to provide these credentials.
- Click Save.
- Under Administration > UserID Sync, click Sync All Gateways to force account synchronization.
UserIDs are automatically sync every 8 hours.
- Using a web browser, access an external website for the first time.
If the user identification agent is unable to associate a user with an IP address, a captive portal can take over and authenticate the user with a web form.
- Log in using the credentials created under Hosted Users.
Successful authentication will automatically redirect to the originally requested website.