12.8.5. Captive portal

This section describes how to configure Captive portal rules. You configure them at the users captive-portal level. For more details on the command structure, see Configuring Rules Using UPL.

Captive portal rule parameters:

Parameter

Description

OK

PASS

Actions for a Captive portal rule:

  • OK: use authentication.

  • PASS: skip captive portal page.

enabled

Enable/disable a rule:

  • enabled(yes) or enabled(true).

  • enabled(no) or enabled(false).

name

The name of the captive portal rule.

Example: name("Captive rule example").

desc

A description of the captive portal rule.

Example rule specification: desc("Captive portal rule example set via CLI").

profile

When using the Captive portal authentication, specify the Captive profile. Example: profile("Example Captive profile").

For more details about creating and configuring Captive profiles, see Configuring Captive profiles.

rule_log

Enable/disable logging when a rule was triggered:

  • rule_log(yes) or rule_log(true).

  • rule_log(no) or rule_log(false).

If this parameter is not specified, logging is disabled.

src.zone

Source zone.

To specify a source zone, such as Trusted: src.zone = Trusted.

For more details about configuring zones using the CLI, see Zones.

src.ip

Add source IP address or domain lists.

Example for IP addresses: src.ip = lib.network(). Specify the list name in parentheses. For more details about how to create and configure IP address lists using CLI, see Configuring IP addresses.

Example for domains: src.ip = lib.url(). Specify the URL to which necessary domains were added in parentheses. For more details about how to create and configure URL lists using the CLI, see Configuring URL lists.

src.geoip

Source GeoIP. Specify a country code (for example, src.geoip = AE).

Click here for the list of ISO 3166-1 country codes.

Important! There is a limit on the number of GeoIPs that can be specified: the number cannot exceed 15.

dst.zone

Traffic destination zone.

To specify a destination zone, such as Untrusted: dst.zone = Untrusted.

For more details about configuring zones using the CLI, see Zones.

dst.ip

Add lists of destination IP addresses or domains.

To specify an IP address list: dst.ip = lib.network(). Specify the list name in parentheses. For more details about how to create and configure IP address lists using CLI, see Configuring IP addresses.

To specify a domain list: dst.ip = lib.url(). Specify the URL to which the necessary domains were added in parentheses. For more details about how to create and configure URL lists using the CLI, see Configuring URL lists.

dst.geoip

Destination GeoIP. Specify a country code (for example, dst.geoip = AE).

Click here for the list of ISO 3166-1 country codes.

Important! There is a limit on the number of GeoIPs that can be specified: the number cannot exceed 15.

category

Lists of categories and URL filtering categories for which the rule will be applied. You need to have the appropriate license for URL filtering.

To specify a URL category list: category = lib.category(). Specify the URL category list name in parentheses.

For more details about how to create and configure URL categories using CLI, see Configuring URL categories.

To specify a URL category: category = "URL category name".

url

The URL lists to which the rule will be applied.

To specify a URL list: url = lib.url(). Specify a URL list name in parentheses.

time

Set a schedule for a rule.

To set a schedule: time = lib.time(). Specify a time set group name in parentheses. For more details on configuring time sets, see Configuring time sets.