Randomly selecting Tommy and Eric so this bubbles up in their inbox.
On 2 August 2017 at 10:36, David Bird <[email protected]> wrote:
> Could an author of PvD help me understand the following questions for each
> of the diagrams below I found on the Internet -- which represent some
> typical hotspot configurations out there...
> - Where would the API reside?
> - Who 'owns' the API?
> - How does the API keep in-sync with the NAS? Who's responsible for that
> (possibly multi-vendor, multi-AAA) integration?
> 1) Typical Hotspot service company outsourcing:
content/uploads/2013/08/shema- CaptivePortalSolution_beta2b. png
> 2) Same as above, except venue owns portal:
content/uploads/2013/07/ solutions_hotspots-co-working- cloudessa_2p1.png
> 3) Now consider the above, but the venue has more roaming partners and
> multi-realm RADIUS setup in their Cisco NAS:
td/docs/wireless/controller/8- 3/config-guide/b_cg83/b_cg83_ chapter_0100111.html
> describes many options -- including separate MAC authentication sources,
> optional portals for 802.1x (RADIUS) authenticated users, and so much
> "Cisco ISE supports internal and external identity sources. Both sources can
> be used as an authentication source for sponsor-user and guest-user
> Also note this interesting article: the section Information About Captive
> Bypassing and how it describes how to avoid Apple captive portal
> detection!!! "If no response is received, then the Internet access is
> assumed to be blocked by the captive portal and Apple’s Captive Network
> Assistant (CNA) auto-launches the pseudo-browser to request portal login in
> a controlled window. The CNA may break when redirecting to an ISE captive
> portal. The controller prevents this pseudo-browser from popping up."
> Captive-portals mailing list
> [email protected]
Captive-portals mailing list