Captive Portal with a purchased certificate

Konfiguration of the Captive-Portals

Last adaptation to the version: 11.8.7

New:

• Article updated
• English translation
• Added rule for HTTPS with SLL interception

Previous versions: -

Server settings

Server Settings - FQDN & DNS Server

Menü → Network →Server settings Reiter Server settings

Customize Firewall Name

The firewall name should be defined as FQDN. (In the example portal.anyideas.de)
This is necessary so that later the resolution of the landing page of the captive portal is compatible with the certificate.

Importing certificates

Since the landing page of the captive portal is a HTTPS website, the next step is to provide the required certificate. We strongly recommend to buy a certificate from an official CA (or to use an existing wildcard certificate) to avoid later irritations because of browser warnings.
Basically there are two options:

• A Certificate for a FQDN
  • in this case the common name of the certificate would be portal.anyideas.de
• A wildcard certificate
  • in which case the common name of the certificate would be *.anyideas.de

1. In the first step, the CA provided together with the certificate must be imported into the UTM.
   Menu → Authentication →Certificates Tab CA Button Import CA

2. In the first step, the CA provided together with the certificate must be imported into the UTM.
   Menu → Authentication →Certificates Tab CA Button Import CA

The CA and the certificate must be in .pem format !