Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.
01-04-2025 02:44 AM
Objective: Configure Captive portal for non-windows users to authenticate, but use AD credentials through LDAP authentication.
Configuration performed.
1. LDAP profile, Group mapping settings, server monitoring. (test command authentication is successful in CLI)
2. Captive Portal config - Authentication portal setting / Certificates / SSL profile /call LDAP profile for auth
3. Authentication Policy - redirect 'unknown' users to captive portal.
4. Security policy configured to match the AD group
Testing Observation:
1. Ubuntu user redirected to captive portal successfully
2. Credentials authenticated via LDAP.
3. Can see ip-user-mapping for the user.
4. Security policy not matching the user traffic. Traffic log shows further traffic denied from this user.
I suspect I am not supposed to use AD group in security policy for captive portal users since the ip-user-mapping for that should come from AD itself.
how can I configure security policy to match the users in this case instead of using subnets ?
Attached config and cli output
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
