This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Hotspot without authentication ?

philip_francis1
Contributor

‎09-26-2018 11:55 PM

Hello, I have a third party Onboarding server - FortiConnect.
This server presents a login web GUI, where after authentication the user is directed to another  page where they can download an onboarding app.
What I want Zonedirector to do is as follows:

- user connects to Zonedirector SSID. 
- FIRST REDIRECT: Zonedirector redirects user to Forticonnect (have done this successfully with a Hotspot service)
- user authenticates on the ForitiConnect website
- SECOND REDIRECT: user is redirected by FortiConnect to another FortiConnect Onboarding download website (this is where it fails for me. I think Zonedirector is expecting authentication details and will not allow another redirect until it receives them ?)

So, how can create a Zonedirector Hotspot service which redirects to FortiConnect and then allows further redirects. I do not want Zonedirector to authenticate at all. 
The only reason I want the Hotspot feature is to allow auto redirect to FortiConnect. Forticonnect will then handle authentication and redirects etc. completely separate from ZoneDirector.
7 REPLIES 7

1said_sanoussi
New Contributor III

‎09-27-2018 12:00 AM

Any URL you want the users to be able to access before beining fully auithenticated need to be added to a walled garden. So try putting the url's you want to redirect to in the walled garden and test this. The walled garden is provisioned on the ZD
0 Kudos

philip_francis1
Contributor

‎09-27-2018 01:31 PM

Thank you. I have added walled garden entries but access to the second URL still fails.
My walled garden entries now include:
1. mwaklconnect1.domain.forest
2.  10.21.250.153/32 (which is the IP of mwaklconnect1.domain.forest) 

So, the initial redirect which works points to:
1. 
https://mwaklconnect1.domain.forest/portal/MW_Onboarding_portal/10.99.0.10

Then I also need a client to be able to access:
2. https://mwaklconnect1.domain.forest/portal/MW_Onboarding_portal/preview/success

Zonedirector seems to be preventing this second URL from loading and instead just directs users back to the original URL in step 1.
Can anyone suggest how to allow the second URL to load ?


0 Kudos

robert_lowe_722
Contributor III

‎09-28-2018 03:09 PM

The only way I can think with hotspot is to set a redirect on the hotspot for post successful login. But the only way this will work is if the forticlient server can send a RADIUS accept to the ZD because this is what the ZD is expecting in a hotspot authentication.
0 Kudos

philip_francis1
Contributor

‎09-29-2018 02:59 PM

Thank you, but what about walled garden? I thought the whole purpose of walled garden was to allow access to multiple whitelisted URLs without the need for Zonedirector to receive any RADIUS accept messages ?
0 Kudos
Copyright © 2024 Khoros, LLC