[NEBULA] How to configure Nebula Cloud Authentication with captive portal?

Zyxel_Bella
Zyxel_Bella Posts: 188  Zyxel Employee
edited October 4 in Nebula Access Point

Nebula Cloud Solution provides the option to let users authenticate into wireless networks using sign-on with Nebula cloud authentication with Nebula Cloud Authentication option, offering the possibility to create and storage account information on the cloud, being efficient by reducing the time and effort that requires to set-up a radius server.


Pre-requisites: An SSID network needs to be configured in order to apply sign-on with Nebula cloud authentication for the clients connecting to the wireless network.

 

You can enable Sign-on with Nebula cloud authentication at Access point > Configure > Authentication. 



You can adjust the settings base on your application in Captive portal advance setting.

When choosing Sign-on with Nebula cloud authentication, the wall garden will be enabled as well. You can add the website into the wall garden list that the customer can access without passing the authentication. *1


Self-registration: default is Allow users to create accounts with manual authorized. Self-registered users must authorize by clicking the confirmation link in the received email. Then after network administrator give the account privilege, user can sing-on with manual created account. You can select Allow users to create accounts with auto authorized that users could sign-on right after self-registered. The left type is Don’t allow users to create account.


Login on multiple client devices: this can restrict the login devices at a time. It could be one device or multiple devices.


Strict Policy: Allow HTTPs traffic without sign-on or not.


Reauth time: The agreement page will pop out again when the lease time is expired. We can choose the follow site-wide setting*2 or assign a definite time for it.


NCAS disconnect behavior: When Nebula Cloud Authentication Server is unreachable, which mode would you want to implement. 


 

2. Create account information to login for Nebula Cloud Authentication

In order to use Nebula cloud authentication option, it is necessary to define the account authentication information in Organization-wide> Configure> Cloud authentication

 

a) Select User, used for captive portal.

b) Create the account information by clicking +Add button.


c) A new window will be displayed in which we need to input account information as Description, Email, a password (or click Generate button), email the password to account, change the Authorized value from Not authorized to All sites or Specified sites and define the minutes in which the account will expire after creating the entry or select Never (default value).

 

d) Once the information is defined, proceed to click Create User button and Save the configuration.



 

4. Connect to SSID and enter the account information to authenticate

Select the SSID network that has been configured to authenticate using Nebula Cloud Authentication.

The captive portal for client to sign on will be loaded after client connect to the SSID.

Input the email/username in Username/Email text box, the password in Password field, and click Login. Client can surf the internet after Success! information pops.





Note.

1. About the Walled garden, One IP address/domain in one line to specify your walled garden. Example: *.zyxel.com, www.zyxel.com, 192.168.1.0/24

2. Site-wide reauthentication time: Site-wide > Configure > General settings > Captive portal reauthentication > For cloud authentication users.