Create a network object
Create a network object to enable access using a fully qualified domain name for captive portal authentication.
This task discusses how to start configuring the captive portal as an identity source.
Before you begin
(Snort 3 only.) Create a fully-qualified host name (FQDN) using your DNS server and upload the Firewall Threat Defense's internal certificate to the Firewall Management Center. You can consult a resource such as this one if you've never done it before. Specify the IP address of a routed interface on one of the devices managed by your Firewall Management Center.
For more information about the network object, see Redirect to host name network rule conditions.
Procedure
Step 1 | If you haven't already done so, log in to your Firewall Management Center and click .. |
Step 2 | Expand PKI. |
Step 3 | Click Internal Certs. |
Step 4 | Click Add Internal Cert. |
Step 5 | In the Name field, enter a name to identify the internal cert (for example, MyCaptivePortal). |
Step 6 | In the Certificate Data field, either paste the certificate or use the Browse button to locate it. The certificate Common Name must exactly match the FDQN with which you want captive portal users to authenticate. |
Step 7 | In the Key field, either paste the certificate's private key or use the Browse button to locate it. |
Step 8 | If the certificate is encrypted, select the Encrypted check box and enter the password in the adjacent field. |
Step 9 | Click Save. Continue to add a network object. |
Add a network object
Procedure
| Command or Action | Purpose | |
|---|---|---|
Step 1 | Click Network. | |
Step 2 | Click . | |
Step 3 | In the Name field, enter a name to identify the object (for example, MyCaptivePortalNetwork). | |
Step 4 | Click FDQN and, in the field, enter the name of the captive portal's FDQN. | |
Step 5 | Click an option for Lookup. | The following figure shows an example.
|
Step 6 | Click Save. |
