Do I need to keep Omada Controller running when using portal authentication?

User Application Requirement
Updated 07-01-2024 03:44:23 AM 84062
This Article Applies to: 

Suitable for: Omada Controller 2.4.4 or higher and EAP series with corresponding firmware

Available portal authentication methods in Omada Controller include No Authentication, Simple Password, Local User, Voucher, SMS, External Radius Server and External Portal Server. If you are not familiar with the configuration please refer to FAQ 896.

After the configuration, you may raise the question whether you should keep the EAP controller running. The simple answer is yes. To make the most use of portal authentication; you should keep it running.

The table below lists the behaviors of each authentication type when controller is online and offline.

Authentication Type

Controller Online

Controller Offline

No Authentication

  1. Portal page provided by EAP Controller
  2. Authenticated by EAP Controller
  1. Portal page provided by EAP
  2. Authenticated by EAP

Simple Password

  1. Portal page provided by EAP Controller
  2. Authenticated by EAP Controller
  1. Portal page provided by EAP
  2. Authenticated by EAP

Voucher

  1. Portal page provided by EAP Controller
  2. Authenticated by EAP Controller
  1. No longer provide authentication, newly connected clients cannot

pass the authentication

  1. Authenticated clients keep the previous authentication status and can go to the Internet

Local User

  1. Portal page provided by EAP Controller
  2. Authenticated by EAP Controller
  1. No longer provide authentication, newly connected clients cannot

pass the authentication

  1. Authenticated Clients keep the previous authentication states

SMS

  1. Portal page provided by EAP Controller
  2. Authenticated by EAP Controller
  1. No longer provide authentication, newly connected clients cannot

pass the authentication

  1. Authenticated Clients keep the previous authentication states

External Radius Server

  1. Portal page provided by EAP controller or external web portal
  2. Authenticated by radius server
  1. Portal page provided by EAP or external web portal
  2. Authenticated by radius server

External Portal Server

Portal page and authentication both provided by portal server

  1. No longer provide authentication, newly connected clients cannot

pass the authentication

  1. Authenticated Clients keep the previous authentication states

Summary:

  1. For Voucher, Local User, SMS, and External Portal Server authentication the controller should stay running since all client keep the previous authenticated states or it would no longer provide authentication. Clients who have passed the authentication before the Controller is down can access the Internet while the rest client devices have no means to finish the authentication and cannot access the internet.
  2. For other authentication types, it works to some extent when EAP controller is offline. But the clients will not be able to see the customized logo and background image. When client moves from one EAP to another, the portal page will pop out again even the authentication do not “time out”. So, to make the best use of portal authentication, please keep the controller running.

Note: The mechanism of portal has been changed, when EAP is disconnected from the Omada Controller, clients cannot authenticate successfully. (This change only takes effect on the firmware which are released after July 2019.)

Related FAQs

Is this faq useful?

Your feedback helps improve this site.

Recommend Products

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

From United States?

Get products, events and services for your region.