Konfiguration of the Captive-Portals
Last adaptation to the version: 11.8.7
- New:
- Article updated
- English translation
- Added rule for HTTPS with SLL interception
Previous versions: -
Server settings
Menü Reiter Server settings
Customize Firewall Name
The firewall name should be defined as FQDN. (In the example portal.anyideas.de)
This is necessary so that later the resolution of the landing page of the captive portal is compatible with the certificate.
Firewall
| ||
| Firewallname | portal.anyideas.de | FQDN compliant firewall name |
Entering the DNS serverThe localhost (here 127.0.0.1) is entered as the primary name server. In the past, 'google-public-dns-a.google.com' has proven itself as a secondary name server with its fast response time and high availability. DNS server | ||
| Primary name server | 127.0.0.1 | Localhost |
| Secondary name server | 8.8.8.8 | Possible name server: google-public-dns-a.google.com |
Generate local certificate
The landing page of the captive portal is an HTTPS website. A certificate is required for a browser to classify this page as trustworthy.
- At Tab CA a CA must be created
- At Tab Certificates a Server- certificate must be created. A separate certificate should be created for the captive portal so that it can be revoked if necessary without affecting other connections or applications.
How to create a certificate on the UTM can be read here.