Differences

This shows you the differences between two versions of the page.

--- technical:ppsk-1ssid-2networks [2023/03/09 15:25]
admin [Profile for Registered Users]
+++ technical:ppsk-1ssid-2networks [2024/02/05 18:49] (current)
admin [Introduction]
@@ Line 1: / Line 1: @@
 ====== Private PSK 1 SSID Two Networks ======
 ===== Introduction =====
+<WRAP center round alert 100%>
+  * Please note that of Feb 2024 this component is under active development to make it even more feature rich and easy to use.
+  * Do check back here in order to find out when the development is completed and ready for production.
+</WRAP>
   * This is our first use case and a very simple implementation.
   * With this implementation we will:
@@ Line 14: / Line 20: @@
 ===== The AP side =====
   * We will start with the configuration of the Access Point in AP Desk.
-  * Select a cloud to work in and to to **Networks** -> **AP Profiles**. Click on the **Add** button.
+  * Select a cloud to work in and go to **Networks** -> **AP Profiles**. Click on the **Add** button.
-  * Here we create an AP Profiles called **Campus PSK**.
+  * Here we create an AP Profile called **Campus PSK**.
 {{:technical:psk:ap_profile_new.png?nolink|}}
   * After we created it we will edit it.
@@ Line 114: / Line 120: @@
   * Edit the Profile Component called **SimpleAdd_59** and add a Reply attribute of Tunnel-Password := 12345678.
 {{:technical:ap_profile_user_reg_profile.png?nolink|}}
+  * Now everything is in place for us to configure user registration in the login page.
+==== Enable User Registration ====
+  * Go to Login and select the login page that you use for the captive portal.
+  * Edit its settings and enable user registration.
+  * Make sure you also selected **Auto-add device after authentication**.
+  * Save it.
+  * Everything is now ready to test.
+===== Final Testing =====
+  * Connect to the Captive Portal.
+  * You Login Page should look similar to the one below.
+{{:technical:psk:ppsk_login.jpeg?nolink&400|}}
+  * After you register and logged in you can confirm that the user's MAC Address has been associated with them.
+  * Ask the user to leave the WiFi network and connect again.
+  * The user should now be connected directly onto the LAN through the WiFi.
+  * Here we see under Activity Monitor that the user is connected using PPSK (Our NAS Identifier uses a convention with **ppsk** in the value.
+{{:technical:ap_profile_user_ppsk_nas.png?nolink|}}
+===== Devices Without Browsers =====
+  * The Captive Portal works well for adding devices what has a browser.
+  * Some devices however needs access to the WiFi network but they do not have any screen to pop up a browser.
+  * These include sensors, WiFi Cameras and Printers.
+  * For these we have a handy applet that can be launched from Users -> Permanent Users.
+  * The **Devices Without Owners** applet will list all the MAC Addresses which connected to the SSID and were assigned to the default VLAN.
+{{:technical:psk:ap_profile_devices_no_owners.png?nolink|}}
+  * We also give an indication when last it was seen on the network which makes it even more easy to locate.
+  * On top of that we offer the opportunity to give them an alias in case you need to tag those devices first.
+  * Then you can attach them to a permanent user.
+  * Our recommendation is to have a dedicated special Permanent User for a class of devices. e.g. su-printers for printers and su-cameras (su is short for special user).
+===== Banning Devices =====
+  * You might ask, since all the users will have a common PSK, will it be possible to stop a specific device from gaining access to the network **without** forcing all the other devices to change the PSK they are configured with.
+  * Yes it is possible.
+  * Simply navigate to the BYOD applet and select the device(es) you want to stop the select the Enable / Disable button to complete the action.

RADIUSdesk

Page Tools

Site Tools

User Tools

Differences