This post covers a simple portal web interface customization, which will provide a “Free Access” option for guest users.
Some organizations do not want to administer guest accounts, but simply want to display a legal disclaimer which should be accepted and then allow internet access.
These are the basic configuration steps:
- Enable normal portal authentication
- Define a local guest user on the AC which will be used for the free-access authentication
- Customize the portal page and include a free-access form. This form will include a hidden username and password field.
The configuration was build using an 830 with software R3507P20
In this post, I assume that the normal portal configuration has been done on the AC.
Now, define a local guest user on the AC, this account will be used by the “Free access” login button.
local-user guest password simple hp authorization-attribute user-role guest service-type portal
Customize the logon.htm page.
The default logon.htm page contains 1 form. The key fields are:
<form action=logon.cgi method = post > <b><font face="Arial">USERNAME: </font></b> <input type="text" name = "PtUser" style="width:160px;height:22px" maxlength=64> <p><b><font face="Arial">PASSWORD: </font> </b> <input type="password" name = "PtPwd" style="width:160px;height:22px" maxlength=32> <p> <input type=submit value="Logon" name = "PtButton" style="width:60px; font-family:Arial; font-weight:bold"> </form>
Now we add (or replace if you do not want separate guest logins and show free-access only) a form. In this form, the username and password are simply pre-configured, and the fields are hidden. Only the button will be visible.
Instead of “Free Access”, you could configure “I Agree” and include some legal disclaimer text.
<form action=logon.cgi method = post > <input type="hidden" name="PtUser" value="guest"> <input type="hidden" name="PtPwd" value="hp"> <button type=submit value="Logon" name = "PtButton" style="width:100px; font-family:Arial; font-weight:bold">Free Access</button> </form>
If you do not want to customize yourself, this is a download of a sample customized portal:
Download the sample freev2.zip
The layout looks like this:
If you customize this example, make sure to make a new zip file with all the files in the root of the zip archive (no subfolders in the zip file !).
Next, upload the file to the AC, either to the root or the /portal subfolder.
Once the file has been uploaded, you can either:
- Rename the file to defaultfile.zip , this is the default file the AC will look for to load any customizations.
- Bind the custom file manually for a specific SSID. This would allow multiple Guest SSIDs, each with their own portal customizations.
To bind the custom file (example for an SSID with name Guests)
portal local-server bind ssid Guests file freev2.zip
This concludes the configuration of a free access example.
Note: it may be required to restart the portal server and/or ip http server to make the new portal pages active. I have not found yet what triggers the actual reload of the pages.
Thank you for your posts about HP Unified Controller. Based on your knowledge, i deployed Wifi system with HP 830 24 Port + 58 HP Access Point (HP 560 and HP 466R).
I setup portal authentication for Guest with Free Access as your post. IOS and Android devices work fine, but Window Phone 8.1 can not access Internet (it show an error page about can not find page ..) after click “Free Access” button. However Window Phone 8.1 can work fine if use username and password then click Logon. The trick is if i change “Free Access” to “Logon” name , window phone 8.1 work fine. Seem window phone have problem with the code for button in logon.html. Could you give me help me in this situation, is there any method that i can change “Logon” name on button?
Thank you again for your help, i’m vietnamese. i’m sorry if my english is not good.
Basically, the free access option is doing the exact same POST as the normal form, just using a hidden username and password. So I am a bit surprised that 1 method works and the other (free) does not.
However, since I do not have any Win 8.1 phone system, I cannot replicate this.
Your test with the normal user login which is working seems to suggest Windows Phone 8.1 does not handle the button tag well.
What you should try is verify on the Wireless controller if the user is actually reported as an online portal user (even when the error is shown) with “display portal user all”. This would show if the submit has worked, but there is a problem with the final confirmation page.
If the user would show online, it means the Windows Phone 8.1 has a problem showing the logonSuccess.htm file.
Let me know if this helps !
I tried as your suggest but it still does not work. DHCP information was received correctly but user (put below Free Access button) did not connect. Maybe window phone 8.1 does not handle the button tag well, it can not send information below button to the AAA of controller.
I cannot say much at this point, can you make a network trace of the client http traffic ?
Then you can compare the HTTP POST of the normal login and the free login to see what Win Phone 8.1 does differently.
I hope everything is fine from your end, can you kindly guide me how can i achieve the same objective with IMC BYOD portal instead? Which directory i need to access and modify and whether the html file can contain text of a different language. If there is any document highlighting these details, kindly let me know about it.
Hi Peter, thanks for your detailed instructions. I followed them but my HP 850 does still only show the default auth portal website. You mentioned that it may be necessary to restart the webserver, could you maybe help me with the command to do so? I can´t find it 🙂
Sure! that would be:
undo ip http enable
undo ip https enable
ip http enable
ip https enable