This document demonstrates how to configure custom captive portal.

Here is the step-by-step procedure for the same:

  1. Create key:

  1. Create Digital Certificate (SSL Certificate). Select necessary fields. The ones in blue highlights are default:
  2. Create SSL decrypt Profile:

  1. Create Decryption policy and rule:

 

Decryption rule:

You need to fill in only “General” and “Enforce” tab:

 

 

  1. Create URL filtering profile. This profile is used to match interesting URLs that will get redirected to custom captive portal. For this example, we are using social_network as match criteria. Facebook.com, twitter, etc. will be matched. 

 

 

  1. Create security policy:

 

  1. Create Rule and place at the top of the list among the rules so that this rule is first checked. Control flow goes from top to bottom:

 

  1. Go to Enforce tab to define action. In Action, select “Apply Security Profile” and select desired url filtering name from “URL Filtering”:

 

  1. Enable captive portal, there is no single checkbox that enables captive portal. You need not touch anything inside “Custom Redirect Parameters” for custom captive portal to work:


 

Note: Authentication Profile, SSL CA Certificate and SSL Port are optional. 

Authentication Profile is used if you wanted to authenticate user and you have authentication server available and configured. 

SSL CA Certificate and SSL Port are necessary for https traffic. Normal http traffic does not need ssl. Therefore, these fields can be left untouched.

Enable custom captive portal page. Again, there is no single checkbox that enables custom captive portal page. 

  1. Go to Objects & Connectors>Custom Objects>Captive Portal Custom Pages>

From Director tab click on “Upload File”

 

  1. Click on  Upload file icon and upload desired htm/html file. Please note, the file has to be in .zip format.

 

  1. Upload the same file from Appliance tab:

  1. Finally go to “Enable Customer Pages” and select appropriate action:

Note: You can use attached hmt file for testing. The file should be in .zip folder. For testing purposes, find attached sample .zip file (block-notworking).