Release 2.7 onwards, OpenWiFi supports a brand new implementation of captive portal leveraging user space application and eBPF based packet filtering. This new implementation allows the APNOS to support functionality previously supported by CoovaChili.
OpenWiFi support two types of captive portal:
Internal/Local Captive Portal
External Captive Portal
The internal captive portal supports the following modes of authentication.
Click-to-continue : In this mode the client will be redirected to a page where the client needs to accept the terms of service before accessing data.
Credentials: In this mode the client needs to enter the valid credentials that are configured in the AP to access data.
Radius: In this mode the client needs to enter the valid credentials that are configured in the radius server being used to access data.
On authentication failures there is further functionality to limit access to the network by providing a wall garden feature. This includes a files of
First define a captive service as part of the interface -> ssids.
Then ensure there is a configuration present for the services section of the schema
After configuring a captive services inside interfaces -> ssids, the services block will look as follows
After configuring a captive services inside interfaces -> ssids, the services block will look as follows
When an external access controller, such as a captive portal appliance or a Universal Access Method (UAM) redirector is required to handle subscriber login, OpenWiFi now supports ability to have a native implementation that is equivalent of CoovaChili.
As always first define a captive service as part of the interface -> ssids.
The captive service must have the auth-mode set to "uam"
For further details on how to configure with a external service please refer to this.