Configure an External Guest Authentication Hotspot

After you configure your external web server for external guest authentication, you can configure an External Guest Authentication hotspot on your Firebox. Before you begin, make sure you understand the external authentication process and correctly configure your external web server for guest authentication.

In Fireware v11.12 or higher, you can create a Walled Garden to specify IP addresses, IP ranges, networks, and domain names that guests can connect to without authentication credentials. For example, you can allow guests to connect to your company website without authentication.

For more information, see About Hotspot External Guest Authentication.

If your Firebox runs Fireware v11.11 and lower, you can enable only one hotspot on one interface on your Firebox. Multiple hotspots are only supported in versions higher than v11.11. The configuration settings in lower versions of Fireware appear different, but the configuration settings are the same as for a single hotspot in higher versions of Fireware.

When you enable external guest authentication, these policies are automatically created:

  • Allow External Web Server — Allows TCP connections from users on the guest network to the external web server IP address and the port you use for hotspot external guest authentication.
  • Allow Hotspot Session Mgmt — Allows connections from the external web server IP address to the Firebox.
  • Allow Hotspot-Users — Allows connections from the hotspot to addresses external to the Firebox.

See Also

Configure a Web Server for Hotspot External Guest Authentication