The Guest Access Strategy screen displays information about configured Guest Access Strategies and is used to configure access attributes for guest users. The screen can be used to create, edit, and delete Guest Access Strategies.

To access the Guest Access Strategy screen, click on Network Access > UPAM-NAC > Guest Access Strategy under the “Configure” section of the OmniVista Cirrus Menu.

Creating a Guest Access Strategy

To add a Guest Access Strategy, click on Create Guest Access Strategy to open the Create Guest Access Strategy form. Complete the following sections of the form, then click Create Guest Access Strategy when you are finished.

  • Basic Information - Configure the Guest Access Strategy name and authentication attributes (Captive Portal Template, current FQDN).

  • Login Strategy - Configure the guest user login strategy (for example, login by Username/Password, Terms & Conditions, or Access Code) and specify the success redirect URL.

  • Post Portal Authentication Enforcement - Configure post-authentication enforcement for guest users.

  • Self-Registration Strategy - Configure the self-registration attributes for guest user login when the guest user is required to perform self-registration and approval before accessing the network. In this case, the guest user account is automatically created and sent to the guest user through e-mail by UPAM. The self-registration strategy is only applicable when the login strategy is set to login by Username and Password.

Basic Information

  • Strategy Name - Enter the name to assign to the Guest Access Strategy.

  • Captive Portal Template - Select an existing Captive Portal page template to use for guest user login from the drop-down menu or click on Create Template to create a new template to use (see the Captive Portal Templates online help).

  • Current FQDN - The Fully Qualified Domain Name to use for the Captive Portal page redirection.

Login Strategy

  • Login By - Specify the login method:   

    • Username & Password - Guest user login by their credential (Username and Password).

    • Terms & Condition - Guest user login by accepting the Terms and Conditions.

    • Access Code -  Guest user login by a unified access code.

  • Success Redirect URL - Specify the redirect URL for the browser after the guest user passes captive portal authentication:

    • Go to fixed URL - Redirect to a fixed web page. When you select this option, a “Fixed URL” field is displayed in which you enter the URL to use.

    • Go to initial URL - Redirect to the guest-user-input URL after passing authentication.

    • Go to success page - No redirect URL. Remain on the “Success” login page configured by the Administrator.

Post Portal Authentication Enforcement

  • Access Role Profile - The Access Role Profile assigned to the guest user after passing authentication. Select a profile from the drop-down menu or click on Create Access Role Profile to add a new profile to use (see the Access Role Profile online help).

  • Unified Policy List - The Policy List assigned to the guest user after passing authentication. Select a list from the drop-down menu or click on Create Unified Policy List to add a new list to use (see the Unified Policies List online help).

  • Other Attributes - Select an attribute from the drop-down and enter a value. To add additional attributes, click on Add Attribute.

    • Session-Timeout - The Session Timeout Interval is the maximum number of consecutive seconds of connection allowed to the user before termination of the session or prompt. If not configured, the device’s default session timeout policy will take effect. (Range = 12000 - 86400, Default = 43200)

    • Acct-Interim-Interval - The Accounting Interim Interval for RADIUS accounting, in seconds. If not configured, the device’s default accounting policy will take effect. (Range = 60 - 1200, Default = 600)

    • WISPr-Bandwidth-Max-Up - The user upstream bandwidth, in kbit/s. By default, it is not limited.

    • WISPr-Bandwidth-Max-Down - The user downstream bandwidth, in kbit/s. By default, it is not limited.

Self-Registration Strategy

  • Self-Registration Strategy - Enable or disable the self-registration feature. When enabled:

    • Username Created By - The field from which the guest user account is retrieved, the information is entered by the guest user in the self-registration login page:

      • Username - Login account for the guest user.

      • Email Address – Email address of the guest user.

      • Phone Number - Phone number of the guest user.

  • Password Creation - Password creation method:

    • Manually - Password for guest user account is set by guest user in the self-registration web page.

    • Automatically - Password for guest user account is automatically generated by UPAM and sent to guest user through E-mail.

  • Approval - Specify whether the guest registration request is required to be approved by a sponsor in the company or a guest operator. The employee sponsor could be an Administrator or employee the guest is going to visit. 

    • Disabled - Approval by an employee or guest operator in not required.

    • Approved by Employee Sponsor - Approval by the employee specified in the Self-Registration Request Screen is required.

      • Email Suffix Restriction - Enter the employee sponsor e-mail suffix(es) and click on the Add icon. This is the e-mail suffix used by the company employee, which will be combined with a specific employee e- mail ID to form a full e-mail address. The registration request will be sent to this e-mail address.

      • Full Email - Enter the full employee e-mail address.

    • Approved by Guest Operator - Approval by a guest operator specified on the Guest Operator screen is required.

      • Location-Based Notification - Enables/Disables location-based notification. When enabled, send the guest request to guest operators for the specific location. When disabled, send the guest request to all operators.

  • Required Attributes - Customize the information fields that the guest user is required to input during self-registration. Certain fields are required and pre-configured for employee sponsor or guest operator approval.

    • Username - Login account for the guest user.

    • Password - Login password for the guest user. If the password creation method is set to “Automatically”, the guest user does not have to enter this field.

    • Full Name - Full name of the guest user.

    • Email ID- Email address of the guest user.

    • Phone Number - Phone number of the guest user.

    • Company - Name of the company the guest user is representing.

    • Position - Position of the guest user in their company.

    • Department – Department of the guest user in their company.

    • Country or Region - Country or region of the guest user’s company.

    • Employee Visited - The employee being visited by the guest user.

    • Employee Email ID - Email address of the employee being visited.

    • Employee Phone Number - Phone number of the employee being visited.

    • Reason Visited - The purpose of the guest user’s visit.

  • Service Level - When Service Level is set to "None", settings of Registration Strategy in Global Configuration will take effect for guest self registration.

  • Authorize by Verification Code - If the e-mail or phone number is required, Enables/Disables whether to send a verification code to specified address to ensure the e-mail or phone number is correct.

  • Password Visibility - Enables/Disables whether to display account information such as name and password on the Registration Result Page.

Editing a Guest Access Strategy

Select a Guest Access Strategy in the Guest Access Strategy List and click on the Edit icon under the “Actions” column or click on the Actions button and select Edit from the drop-down menu. The Guest Access Strategy Information screen opens on which you can edit any of the strategy attributes, as described above. Note that you cannot change the Strategy Name.

After you have edited the Guest Access Strategy, click Save.

Deleting a Guest Access Strategy

Select a Guest Access Strategy in the Guest Access Strategy List and click on the Delete icon under the “Actions” column or click on the Actions button and select Delete from the drop-down menu. When the following confirmation prompt appears, click on Delete to delete the profile.