HP Unified Wireless: Free access option on guest portal

This post covers a simple portal web interface customization, which will provide a “Free Access” option for guest users.

Some organizations do not want to administer guest accounts, but simply want to display a legal disclaimer which should be accepted and then allow internet access.

These are the basic configuration steps:

  • Enable normal portal authentication
  • Define a local guest user on the AC which will be used for the free-access authentication
  • Customize the portal page and include a free-access form. This form will include a hidden username and password field.
  • Verify

The configuration was build using an 830 with software R3507P20

In this post, I assume that the normal portal configuration has been done on the AC.

Now, define a local guest user on the AC, this account will be used by the “Free access” login button.

local-user guest
 password simple hp
 authorization-attribute user-role guest
 service-type portal

Customize the logon.htm page.

The default logon.htm page contains 1 form. The key fields are:

  • action=logon.cgi
  • PtUser
  • PtPwd
  • PtButton
<form action=logon.cgi method = post >
<b><font face="Arial">USERNAME:&nbsp;&nbsp; </font></b> <input type="text" name = "PtUser" style="width:160px;height:22px" maxlength=64>
<p><b><font face="Arial">PASSWORD:&nbsp; </font> </b> <input type="password" name = "PtPwd" style="width:160px;height:22px" maxlength=32>
<p>
<input type=submit value="Logon" name = "PtButton" style="width:60px; font-family:Arial; font-weight:bold">
</form>

Now we add (or replace if you do not want separate guest logins and show free-access only) a form. In this form, the username and password are simply pre-configured, and the fields are hidden. Only the button will be visible.

Instead of “Free Access”, you could configure “I Agree” and include some legal disclaimer text.

<form action=logon.cgi method = post >
<input type="hidden" name="PtUser" value="guest">
<input type="hidden" name="PtPwd" value="hp">
<button type=submit value="Logon" name = "PtButton" style="width:100px; font-family:Arial; font-weight:bold">Free Access</button>
</form>

If you do not want to customize yourself, this is a download of a sample customized portal:

Download the sample freev2.zip

The layout looks like this:

201405-unified-custom-portal-freeaccess

 

If you customize this example, make sure to make a new zip file with all the files in the root  of the zip archive (no subfolders in the zip file !).

Next, upload the file to the AC, either to the root or the /portal subfolder.

Once the file has been uploaded, you can either:

  • Rename the file to defaultfile.zip , this is the default file the AC will look for to load any customizations.
  • Bind the custom file manually for a specific SSID. This would allow multiple Guest SSIDs, each with their own portal customizations.

To bind the custom file (example for an SSID with name Guests)

portal local-server bind ssid Guests file freev2.zip

This concludes the configuration of a free access example.

Note: it may be required to restart the portal server and/or ip http server to make the new portal pages active. I have not found yet what triggers the actual reload of the pages.

 

 

This entry was posted in Unified Wireless and tagged , , , . Bookmark the permalink.

7 Responses to HP Unified Wireless: Free access option on guest portal

  1. Thanh Nguyen says:

    Thank you for your posts about HP Unified Controller. Based on your knowledge, i deployed Wifi system with HP 830 24 Port + 58 HP Access Point (HP 560 and HP 466R).
    I setup portal authentication for Guest with Free Access as your post. IOS and Android devices work fine, but Window Phone 8.1 can not access Internet (it show an error page about can not find page ..) after click “Free Access” button. However Window Phone 8.1 can work fine if use username and password then click Logon. The trick is if i change “Free Access” to “Logon” name , window phone 8.1 work fine. Seem window phone have problem with the code for button in logon.html. Could you give me help me in this situation, is there any method that i can change “Logon” name on button?

    Thank you again for your help, i’m vietnamese. i’m sorry if my english is not good.

    • Hi Thangh,

      Basically, the free access option is doing the exact same POST as the normal form, just using a hidden username and password. So I am a bit surprised that 1 method works and the other (free) does not.
      However, since I do not have any Win 8.1 phone system, I cannot replicate this.
      Your test with the normal user login which is working seems to suggest Windows Phone 8.1 does not handle the button tag well.

      What you should try is verify on the Wireless controller if the user is actually reported as an online portal user (even when the error is shown) with “display portal user all”. This would show if the submit has worked, but there is a problem with the final confirmation page.

      If the user would show online, it means the Windows Phone 8.1 has a problem showing the logonSuccess.htm file.

      At this point, you may want to edit the logonSuccess.htm file (inside the zip) and remove the javascript file reference, by removing the entire line reference to the script (text/javascript) and changing the body onunload=”pt_unload();” to just body. (I cannot put the actual HTML code in this reply, since the HTML code gets removed when posting)

      I have read that Windows Phone 8.1 has some changed Javascript support (not being an expert in this area however..), and the portal auth still works without this Javascript reference.

      The built-in Javascript could be used to generate a continue browsing link to the original user url, but that function is not used anyway in this example script.

      Let me know if this helps !

      • Thanh Nguyen says:

        Dear Peter,
        I tried as your suggest but it still does not work. DHCP information was received correctly but user (put below Free Access button) did not connect. Maybe window phone 8.1 does not handle the button tag well, it can not send information below button to the AAA of controller.
        Thanks

      • I cannot say much at this point, can you make a network trace of the client http traffic ?
        Then you can compare the HTTP POST of the normal login and the free login to see what Win Phone 8.1 does differently.

  2. Osama Riaz says:

    Hi Peter,
    I hope everything is fine from your end, can you kindly guide me how can i achieve the same objective with IMC BYOD portal instead? Which directory i need to access and modify and whether the html file can contain text of a different language. If there is any document highlighting these details, kindly let me know about it.

  3. Matthias says:

    Hi Peter, thanks for your detailed instructions. I followed them but my HP 850 does still only show the default auth portal website. You mentioned that it may be necessary to restart the webserver, could you maybe help me with the command to do so? I can´t find it 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s