A
B
- bandwidth on demand. See BoD
- BoD (bandwidth on demand)
C
- callback interface
- captive portal
- configuration level in Enterprise Manager Portal
- conventions
- CORBA (Common Object Request Broker Architecture)
- plug-in interface
- remote API
- customer support 1
D
- DCU (destination class usage)
- demonstration applications
- deployment scenarios
- destination class usage
- devices running Junos OS
- forwarding preferences
- managing traffic
- policies
- provisioning services
- routing preferences
- services 1
- directory server
- DirX directory server
- documentation
E
- enterprise
- Enterprise Manager Portal
- application protocols, managing
- BoD subscriptions
- configuration level
- deployment settings
- firewall exception rules
- firewall subscriptions
- fixed addresses for outgoing traffic
- help
- NAT
- IP address 1, 2, 3
- rules for traffic
- NAT Address Management Portal
- NAT rules 1, 2
- overview 1, 2
- policies
- public IP addresses, configuring
- schedules 1, 2
- services
- Enterprise Service Portal audit plug-in
- enterprise service portals 1, See also Enterprise Manager Portal
- enterprise tag library 1, 2
- equipment registration 1, See also sample residential portal
- event notification
- events, IT manager audit
- example-simple
F
- files
- WEB-INF/jboss-web.xml
- WEB-INF/portalBehavior.properties
- WEB-INF/struts-config.xml 1, 2, 3
- WEB-INF/tiles-defs.xml 1, 2, 3
- WEB-INF/web.xml
- firewall ports for sample SRC-applications
- firewall services
- folders for installed software
- forwarding preferences 1, 2
I
- installing
- installing software
- interfaces
- IP address managers, event notification
- IP addresses
- IP Filter
- IP-in-IP tunneling
- ISP service in sample residential portal
- IT manager
J
- Jakarta Struts Web application framework
- Java development environment, Tomcat 1, 2
- Javadoc documentation for sample residential portal
- JSP tag library. See enterprise tag library
- JunosE routers
L
M
- manuals
- Monitoring Agent
- acting as pseudo RADIUS server
- configuring
- properties
- pseudo RADIUS agent 1, 2
- installing
- intercepting DHCP messages
- intercepting RADIUS accounting messages
- monitoring 1, 2
- overview
- stopping
- multihop environment
N
- NAT (Network Address Translation) 1, See also NAT Address Management Portal
- NAT Address Management Portal
- Network Address Translation. See NAT
- NIC (network information collector)
- notice icons
P
- packages, Solaris. See Solaris packages
- parameters
- patches for Solaris
- performance
- plug-ins 1, See also Enterprise Service Portal audit plug-in
- policies
- ports for sample SRC-applications
- precedence
- prevention, use of unauthorized resources
- privileges
- properties for sample residential portal
- proxy request management
- public wireless LAN applications
R
- removing
- residential portal 1
- routing instances
- rules, NAT
S
- SAE (service activation engine)
- sample applications
- sample enterprise service portal
- configuring connection to directory
- customizing 1
- data, displaying
- managing services
- monitoring
- networks for departments 1, 2, 3
- overview
- service parameters 1, 2
- sample residential portal
- action classes
- behaviors
- customizing
- developing portal based on the sample 1, 2
- development tools
- equipment registration 1, 2
- installing
- login
- model components
- overview 1, 2
- personal digital assistant (PDA)
- prerequisites
- schedules
- service activation
- services
- usage
- view components
- Web application framework
- sending traffic to VPNs
- service activation
- service parameters, enterprise
- service schedules
- service schedules, sample residential portal
- services 1, See also firewall services
- basic BoD
- BoD 1, 2, 3
- devices running Junos OS 1
- BoD and VPNs
- NAT 1, 2
- sample enterprise service portal, managing
- single-hop environment
- Solaris packages
- Solaris patches
- source class usage (SCU)
- SRC single-hop requirement
- subscribers
- subscriptions
- substitutions
- support, technical See technical support
T
- technical support
- text conventions defined
- Tomcat, as Java development environment 1, 2
U
- uninstalling. See removing
V
- value substitution
- virtual portal address
- virtual private networks. See VPNs
- VPNs (virtual private networks)
W
- WAR files
- Web application server
- Web applications
- WEB-INF/jboss-web.xml
- WEB-INF/portalBehavior.properties
- WEB-INF/struts-config.xml 1, 2, 3
- WEB-INF/tiles-defs.xml 1, 2, 3
- WEB-INF/web.xml
Download This Guide
Redirecting Traffic to a Captive Portal Webpage
A captive portal webpage is a page that receives redirected HTTP requests. You can use a captive portal page as the initial page a subscriber sees after logging in to a subscriber session and as a page used to receive and manage HTTP requests to unauthorized Web resources.
The type of information available from a captive portal page depends on the portal design. The page can provide informational messages or can let subscribers perform actions such as activating a service to which they have a subscription. For example, if a subscriber requests access to a service that the subscriber has not activated, the portal could display a captive portal page that tells the subscriber that the service is not available, or the page could prompt the subscriber to activate the requested service.
Implementing a captive portal requires the following:
- An instance of the redirect server installed on a host in the same network as a JunosE router. The redirect server redirects HTTP requests received from IP Filter to a captive portal page.
- When the SRC software is installed on a Solaris platform, the IP Filter tool installed and configured on the same host as the redirect server. This tool redirects incoming HTTP requests to the redirect server.
- Default policies installed on the JunosE router. The default policies on the JunosE router must include a forwarding or rate-limiting policy that permits access to the portal server and a next-hop rule to intercept the unauthorized access request packets. The target of the next-hop rule is the host on which the redirect server resides.
- A portal server for serving the captive portal pages.
For a sample captive portal, see the sample residential portal.
For information about configuring the redirect server, see Configuring the Redirect Server (SRC CLI).
Sequence for Redirecting Traffic
The following list describes the sequence of events that occurs when a subscriber tries to access a restricted service:
- A subscriber opens a Web browser and attempts to access a restricted server; for example, http://a.com.
- A next-hop policy on the JunosE router sends this request
to the redirect server instead of to the requested server.
The policy does not affect the destination address (resolved from a.com) in the IP packets.
- For environments that have the SRC software installed on a Solaris platform, the IP Filter process running on the same host as the redirect server filters traffic and redirects traffic arriving on port 80 on the host’s incoming interface.
- The captured request is redirected to an address and a port where the redirect server listens.
- The redirect server opens a TCP port (8800 by default) and sends the type of response configured—an HTTP 200 (OK) or a small HTML document that encodes a refresh in the meta header of the of the file—to the subscriber’s browser for the requests.
- The subscriber browser follows the redirect request and opens the captive portal page on the portal server.
Configuring the SRC Software in a Multihop Environment
The captive portal system implemented by the HTTP redirect server requires a single-hop connection; that is, the router accessed by the subscriber cannot be more than one hop away from the redirect server. However, some networking environments will require a multihop connection—through more than one router—to the redirect server.
You can use any of several methods to get around the intermediate, next-hop routers, such as IP-in-IP tunneling, deployment of a NAT device, and dynamic DNS. Contact Juniper Networks Professional Services for assistance with these methods.
