Cisco Support Community
Community Member

User Agreement Page for WLAN

I'm about ready to rollout open access for http only traffic. Using a VLAN and access lists, but I would like for the user to have accept a user agreement page before continuing. Is there a Cisco product or another I can use for this?

Community Member

Re: User Agreement Page for WLAN

If you want something like Hot-Spot try "Authentication Proxy" feauture... Mabe it works on Cisco AP's... I don't try it, but i think this is interesting future, i plan to try and use it in my LAN if this give me hot-spot like things...

P.S. sorry 4 my english...

Re: User Agreement Page for WLAN

it depends...

do you want to have user accounts that the users enter a name and password? or just a splash page that has 'acceptable usage' policy & some info?

We use monowall for this, works like a charm. You can combine it with acls on the routers, etc. For example, we have an open wireless network that is bound to a vlan with m0n0wall as the gateway. The router, or l3 switch in our case, can apply ACLs to the subnet for the wireless. We use time-based ACLs to control when the network is available. Another product which is based on m0n0wall is pfsense It is similar but it allows for redundancy.

Community Member

Re: User Agreement Page for WLAN

> you want to have user accounts that the users enter a name and password?

yep... All users on my LAN goes to internet through PPTP server because my ISP don't sell unlimited accounts, he sell only "pay for traffic" like accounts and in this case i must count my LAN users traffic. Because many users can forget to establish PPTP session (but don't forget to aks "where my internet?" :-E ) i want create something what don't shows "Page cannot be found/opened" like messages but "if you forget about PPTP - enter your login and password" etc. Can "Authentication Proxy" used for it or can you recommend something for it?

What is "captive portal" in m0n0wall or pfsense? Documentation keep silence about it :(

Re: User Agreement Page for WLAN

the 4400 series controllers support splash pages, but you will need to create the user accounts for them to auth on the splash page. I believe it supports both local users & radius servers.

the captive portal page in both m0n0wall and pfsense can be configured with either not auth or auth (based on either local users or radius users on a seperate radius server)

Either way, it sounds like you may be infringing on your ISPs rules.

There are other ways to do this, but it depends on your configuration & hardware, ie: radius auth on http/https outbound

Community Member

Re: User Agreement Page for WLAN

Thanks for all the replies. Since this is an open hot spot, for an educational institute, there will be no user authentication per se. However, a user agreement screen with a simple "agree/disagree" type logon. A proxy logon might be all that's needed, the SESM might be overkill. The PIX could be another good candidate to try out. I'll definitely need to research this more.

CreatePlease to create content