How to Configure the Portal Function on the EAP (Cluster mode)

User Application Requirement
Updated 06-28-2022 08:18:55 AM 72937
This Article Applies to: 

Note: This article only applies to EAP115 V1/V2. Refer to FAQ 772 to know more about cluster mode.

The portal authentication, also known as web authentication, is an ‘entrance’ for users to access to the internet through the EAPs. When unauthorized users try to access to the Internet, EAPs which are correctly configured with portal function will direct unauthorized users to a web portal, and additional login information is required if the users want to access to internet resources. Unauthorized users will not be able to access the internet through the EAPs if they can’t pass the web authentication. This is an effective way to manage the network in the places such as hotel, community, company or some other public places. Furthermore, some of the web portal can be used to announce ads, notices and some other personalized information.

Step 1

Log in to EAP’s management page. If you are not sure about how to do this, please refer to the QIG.

Step 2

Go to Wireless ->Portal. There are three authentication types you can choose.

Case 1: Choose the No Authentication in Authentication Type. Users can access to the network without entering username and password in the web portal.

No Authentication Local Password

Case 2(Recommended): Choose the Local Password as shown below. Set Username and Password as you like. The username and password is stored on the device and all users require the same username and password to login.

Note: You can also set a proper Authentication Timeout. This is the time that how long the users can stay online once they authenticate with the EAP. For now when a user got Timeout, he can re-authenticate by clicking the Login button when using No Authentication or filling in the password and clicking Login when using Local Password.

Case 3(If you have radius server): Choose the External Radius Server as shown below.

In this case, you need to fill the Radius Server IP, Port and Radius Password of your radius server. A radius password is the secret key between the radius server and the radius client. These parameters are always defined by the administrator of your radius server.

Note: You can also set a proper Authentication Timeout. This is the time that how long the users can stay online once they authenticate with the EAP.

Step 3 (This feature is optional.)

Check the Redirect box and fill the Redirect URL, if you want to navigate users to a pre-defined web page, for instance your home page, company’s official website etc. after users pass the web authentication.

Step 4

Customize the web portal page. You can either use the built-in Local Web Portal or use an External Web Portal.

Note: You can use the External Web Portal only when you use External Radius Server as authentication server.

Case 1(Recommended): Choose the Local Web Portal from the drop-down list of Portal Customization. Then the page will show as below. The web portal title and Term of Use is customizable. In this case, the web portal page will show as case 1 and case 2 in step 7.

Case 2(If External Radius Server is configured): Choose the External Web Portal from the drop-down list mentioned above. But external web portal can only be enabled when External Radius Server is configured in step 4. And you will need to fill your External Web Portal URL as shown below.

Moreover, you also need to put the external web portal server to a whitelist of Free Authentication Policy, otherwise client cannot access it before authenticate. Click in Free Authentication Policy section below Portal Configuration.

Name the policy as you like. Fill the Source IP Range with the subnet or ip of users. And then set the ip or subnet of your external web server as the Destination IP Range. The default Destination Port is 80. You should assign the service port of your external web server to it if the port number is not 80. As an example, the page will show as below.

Click the OK button to finish the configuration. The requirement of External Portal Server is here.

Step 5

Go to Wireless -> Wireless Settings. The page will show as below.

Step 6

Select the SSID which you want to enable portal authentication and click. Check the Portal Enable. Then the page will show as below. Click OK button.

The followings are visual effects how users login the network after finishing configuration above.

Connect your devices to the wireless network, in this case TP-LINK_eap115. Open your web browser and try to visit any HTTP website, you will be directed to the Web Portal page.

Case 1: The None Authentication is selected in step 4. The page will show as below. Users need read the Term of Use and check the box to login.

Case 2: The Local Password or the External Radius Server is configured, and the Local Web Portal is selected. The page will show as below. Users need to submit the username and password and tick I accept the Term of Use.

Case 3: The External Radius Server is configured, External Web Portal is selected, and the browser will be directed to the External Web Portal URL. Users can refer to the page to access more resources by an authentication or other pattern. There is a simple example as show below.

Click the LOGIN button and the web browser will be redirected to the Redirect URL. And now users can surf the Internet.

Is this faq useful?

Your feedback helps improve this site.

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

From United States?

Get products, events and services for your region.