Guest Access

9 min

the nile access service offers three different options for providing guest network access integration with an external captive portal such as clearpass and ise nile hosted guest portals nile secure guest service integration with external captive portal this soluti on is ideal for customers who already have a cisco ise or aruba clearpass implementation with their existing wlan in this model, the nile access service acts as a pass through, relying on the external captive portal server to authenticate the guest devices there are two modes or operation server initiated flow static url server initiated flow in the server initiated flow, the captive portal server is configured with the redirect url and hosts the captive portal page when a guest device connects to the captive portal ssid the nile access service assigns the device to a guest segment and provides an ip address from the dhcp server the nile access service initiates a mac authentication request to the captive portal server if the mac address is not in the captive portal server's database, it responds with an access accept message and embeds the redirect url the nile access service then redirects the user to the url provided by the captive portal server the user communicates with the captive portal server and provides the necessary authentication (e g , accept and connect, social login, password) once authenticated, the captive portal server initiates a change of authorization (coa), and the nile access service re initiates the mac authentication this time, the server responds with an access accept without the redirect url the nile access service then allows the device onto the network to configure this flow, navigate to the "settings" > "authentication" section in the nile cloud services portal and add a radius server static url in the static url mode, the administrator configures the redirect url in the nile cloud services portal when adding the radius server the captive portal server does not provide the url via the mac authentication process nile hosted guest portals this solution is ideal for customers who do not have an external captive portal server the nile access service hosts the captive portal server in the cloud and provides it as part of the service, free of charge nile supports two authentication methods for onboarding guest users click through email approval click through the click through feature requires the guest user to accept the terms and conditions to access the network this is the most basic form of authentication once accepted, the user is granted access to the network email approval he email approval feature displays a form that the guest user must fill out, and then the request must be approved the form includes the following fields guest user's name guest user's email visiting employee's name visiting employee's email once the form is filled out, an email is sent to the visiting employee, who must approve the request for the guest user to gain access nile will only send the email if the domain of the visiting employee's email entered by the guest is a valid domain for the tenant the administrator can add multiple domains if needed to configure the nile hosted guest portals, navigate to the "settings" > "authentication" section in the nile cloud services portal and select the "guest" option when adding a radius server faq q what is the default session time of guest? a the default session time out is 24hrs and it can be changed q as an admin can i customize the branding of the page? a nile offers the ability to brand the page using background images, colors and logos nile secure guest service he nile secure guest service is an optional component of the nile access service that provides secure internet access for guest devices, including those belonging to customers, partners, and employees, while isolating them from the organization's internal network resources for more information on the nile secure guest service, please refer to the docid\ keb2 g8r6plmyhmtpwbsa documentation