Cube Long Arrow Right External Link angle-right Search Times Spinner angle-left

How to setup Group Captive Portal

Use When:   

A) You want to brand the Wi-Fi access. 

B) Provide terms and conditions for accessing Wi-Fi. 

C) Utilize session limits or capture user information. 

Warning: Prior to setting up your captive portal, it is recommended to start the
setup of a VLAN first. See the instructions named Configuring a VLAN. Follow
the first portion of the setup and then finish once your Captive Portal is
complete.  

Instructions:

  •  Log into InControl2 
  • To enable the Captive Portal, hover over the Network Settings tab then click on Captive Portals.
undefined

  • Click on New Captive Portals
undefined
  • In the window that opens, place a check mark in the Enable
    box
    . Next, enter a Name for the Captive Portal (it can be any name without effecting
    the device). Then, enter your Company Name. (this will appear on the Captive Portal and in the default Terms and Conditions) 
undefined
  • You will have to choose at least one Access Mode. This is how your customers will be able to get through the Captive Portal and onto the internet. If you want your customers to just pass through, select Open Access. All other options require some form of verification. If you want to collect customer information, you can choose any combination of options other than Open Access. The following information outlines each of the six options. 
undefined

There are 6 options for configuring your captive portal:  

  1. Social 
  2. Open Access 
  3. Guest Account 
  4. Token 
  5. E-mail 
  6. SMS 

There is a separate enable radio button for each option. The option will not be enabled unless there is a check mark to enable the specific option. Enabled options will change from Black lettering to Blue lettering. 

undefined

Follow the steps below to enable each option. You can set up multiple modes of access for the Captive Portal to allow your customers different login options.   

1. Social

There are 7 different options for access using social networking. These are dependent upon you or your company already having an account with the different social networking
sites. Each option needs to have a check mark in the box to the left to enable that social networking site. Enter your site ID from the social networking page to link it to your login page. Hover over the blue circle with an i for additional information.  

undefined

2. Open Access

Open access does not ask for any personal information from your customers, it only displays the Splash page with a link to the Terms and Conditions and then allows access to the internet connection through the router.  

There are 4 options for limiting data usage on connected wireless enabled devices.

undefined


Not limited
You don’t have to select any additional options. 

Time Based

undefined

If you choose to limit the quota by time you can select the amount of time you want people to have access to your Wi-Fi. You have 2 options to reset this quota.

Once per day at a preset time (Default is 2:00 AM) OR after a certain number of minutes. 

Bandwidth based
If you choose to limit the quota by bandwidth your Wi-Fi users will only be able to use the amount specified in this box. This quota will be reset once a day and you can choose at which time this is done.

undefined

Time and bandwidth based

Access is limited to a set amount of total Time or Bandwidth (whichever limit is reached first) based on the reset quota (see below) that resets the quota depending on the settings chosen. 

undefined

3. Guest Account
The Guest Account option is similar to the Open Access option. The difference is that
you can add user accounts to allow people on this SSID. This can be done manually or through an import .csv file with username and passwords.

undefined

To make use of Guest accounts, you must first check the enable box and then navigate to the bottom of the window and click Save Changes.   

undefined

Click on the name of the Captive Portal to reopen it and continue making
changes to the Guest Account settings.
  

undefined

Find your Access Mode options and click on Manage to access the Guest Account settings. 

undefined

To manually add users, click on Add User to enter the details. 

undefined

Enter details in the example window shown below. 

undefined


To quickly add many Guests, choose the Import option.  

undefined

This can be done using a .csv file upload. It will require a list with usernames and passwords which will be uploaded to your device. A sample format is below.  

undefined

After clicking Import, you will see the following. Follow the steps to upload your file.  

undefined

After successfully uploading a .csv file you will see thefollowing message.

undefined

 

Next you will enter your settings for the uploaded Guest Accounts. 

undefined

You can also choose to allow multiple devices to connect on one username/password by clicking on Allow Concurrent Use and choose the number of allowed sessions. 

undefined

Or you can choose to limit use with a Bandwidth Quota. 

undefined

Click Next at the bottom of the window. You will then Review your imported users and
click on Import to add them to the Captive Portal. 

undefined

Upon successful import of the users you will be taken back to the Guest Account Management page. Click on Close to go back to the Captive Portal setup page. 

4. Token 

The “Token” option is similar to your Open Access options. The difference is that you can generate tokens to allow people on this SSiD. To make use of Tokens, you must first check the enable box and then navigate to the bottom of the window and click Save Changes

undefined undefined

Click on the name of the Captive Portal to reopen it and continue making changes to the
Guest Account settings. 

undefined

Find your Access Mode options and click on Manage to access the Token settings. 

undefined

If you want the system to generate your Tokens, click the Generate button. 

undefined

When you click the Generate button you can choose the number of tokens to generate, the token format (amount of characters and have a choice between numbers, lowercase letters, mixed case letters and letters & numbers). You can also select the length of time the token should be valid and how many concurrent sessions will be allowed per token.

undefined undefined

After generating the tokens they are ready to be downloaded. You will also see an overview in your Token window. 

undefined

Most companies print these tokens in a format that can be handed out to their Wi-Fi users. By looking at the Token window, you can see how many tokens have been used. 

Here is a sample of downloaded tokens. 

undefined

5. Email 

If you prefer users to sign in with their email, choose this option. The email addresses
are captures for future marketing if you like.

The default settings are shown here. 

undefined

The Email option allows you to collect Wi-Fi user details by placing a check mark in the Collect Guest Name box. 

E-mail checking time

You can set the amount of time for E-mail checking from 2 to 5 minutes. This provides the user a set amount of time to verify email if they want to access Wi-Fi. This must be done from the device you are using to access the Wi-Fi.  

Company Name

Enter your company name in the E-Mail Sender Name to have the email the customer receives appear to be from your company. It is possible some email clients may reject it or delete it as Spam. 

Daily Quota

undefined

You have 4 options for the daily quota: 

· Not Limited – Customers can access the internet without restrictions on time or data used. 

· Time Based – Access is limited to a set amount of time based on the reset quota that resets the quota depending on the settings chosen. 

· Bandwidth Based – Access is limited to a set amount of total Bandwidth based on the reset quota that resets the quota depending on the settings chosen. 

· Time and bandwidth based – Access is limited to a set amount of total Time or Bandwidth (whichever limit is reached first) based on the reset quota that resets the quota depending on the settings chosen. 

 6. SMS
To enable authentication by SMS (also known as text messages) you first must manage the SMS settings for Captive portal in the InControl Group Settings. 

The SMS options is like the Token option, the difference being the generated tokens are sent to the Wi-Fi users mobile number. That Token number is then input into the Captive Portal. 

Select your Company in the SMS Service drop-down menu. Decide your Token Length, and Amount of Time for SMS Checking. Then update your Daily Quota if applicable. 

undefined


At this point you should go to manage the SMS settings. This done by going to the bottom of the page and click on the Save Changes. Navigate and hover over Settings, click on Group Settings

undefined

In the group settings page, you’ll find the SMS Settings for Captive Portal. Click on Manage

undefined

After clicking on Manage you can add the service name and provider details. Currently
Peplink only supports Twilio as a service Provider but this list will grow if the demand for SMS Captive Portal support increases. 

undefined

Service Name - This will be the sender of the SMS message 

Twilio Phone Number - This is the phone number that will send SMS messages to your Wi-Fi users. 

Account SID - This is your account SID from Twilio (You need to have a Twilio account to use the SMS service) 

Auth Token - This is the token your users will receive via SMS text message to access the internet through your device. 

undefined

Once you have added and saved these settings, click on the Close button. 

undefined

Your Wi-Fi users will be asked to fill in their phone number and will receive a token to access the SSID in a SMS (text) message as shown in the image below. 

undefined

You can now navigate back to the Network Settings tab to get to Captive Portals. (Going back to the window you were in before) Click on your Captive Portal Name in the list.  


END OF ACCESS MODE OPTIONS

Reset Quota

undefined

This is the length of time between login requests individual Wi-Fi enabled devices will get before being required to fill out the Captive Portal form again. The default settings are shown. The total number of minutes currently has a maximum limit of 999 minutes.
 

Guests required to sign in…

The default setting is shown but can be changed to any of the 3 options. 

undefined

Allowed Networks

In this field, you can add domain names and/or network IP addresses that are allowed on this Open Access SSID. This automatically means that no other devices will be allowed on this SSID.Examples for network IP addresses are 172.16.0.0/24 or hotspotsystems.com

Allowed clients

In this field, you can add single MAC or IP addresses for devices that you want to allow on this SSID. 

Landing Page

The Landing Page (also known as the redirect page) is not available on
Android devices due to limitations present on the Android Operating System. 

undefined

You have 3 options for your landing page :

· Display a signed-in page with a Start Browsing button. Clicking the button will redirect to the URL the guest user had originally requested. In the auto-login popup browser on iOS,
clicking the button will redirect to: “the webpage you have entered in this field” (The default setting is shown as http://www.apple.com/)

· Display a signed-in page with a Start Browsing button. Clicking the button will unconditionally redirect to: “the webpage you have entered in this field”

· Redirect to: “the webpage you have entered in this field” 

  

The basic Captive Portal should
now be complete and will show the Peplink logo and default Terms and Conditions
(seen below with open access enabled).  

undefined

If this is acceptable to you click on the blue Save Changes button at the bottom of the window and you will be taken back to the Network Settings page of InControl2.  

To customize your Captive Portal with your company logo and/or a custom background image click on the blue Preview and Customization link on the bottom left of the
window.  

undefined

***After you have made all of the changes to your Captive Portal, make sure to click on the blue Save Changes button at the bottom of the screen otherwise all changes will be erased and the Captive Portal will revert back to the last saved configuration. You will want to go back to your VLAN and add the Captive Portal name to it. See the Configuring a VLAN document.