Users Guide

394 Authentication, Authorization, and Accounting
Captive Portal and DNS
CP allows unauthenticated users access to DNS services on TCP and UDP
destination port 53. CP inspects all DNS traffic to ensure that it conforms
with the DNS protocol (RFC 1035/1996). CP checks the format of DNS
messages and discards packets that do not conform to the minimum
standards. Specifically, CP performs the following checks on a DNS packet:
• The packet must have a full-size header and at least one question field.
• The packet must have a valid DNS response code.
• The first question field must not exceed 63 octets in length, and the
  length field must not be greater than 63.
• The first question class field must be valid.
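The four checks listed above, written out as a validator (an added example, not code from the product or this guide). It assumes a UDP payload with no TCP length prefix, treats RFC 1035 RCODEs 0-5 and classes IN, CS, CH, HS and ANY as the "valid" sets, and applies the 63-octet limit to each label of the first question name; check_dns_packet and build_query are hypothetical names.

```python
import struct

HEADER_LEN = 12                      # fixed DNS header size (RFC 1035, section 4.1.1)
MAX_LABEL = 63                       # label length limit named in the checks
VALID_RCODES = set(range(0, 6))      # assumption: RFC 1035 RCODEs 0-5
VALID_QCLASSES = {1, 2, 3, 4, 255}   # assumption: IN, CS, CH, HS, ANY


def check_dns_packet(payload):
    """Return (accepted, reason) for a DNS payload without TCP length prefix."""
    if len(payload) < HEADER_LEN:
        return False, "short header"
    _id, flags, qdcount, _an, _ns, _ar = struct.unpack("!6H", payload[:HEADER_LEN])
    if qdcount < 1:
        return False, "no question"
    if (flags & 0x000F) not in VALID_RCODES:    # RCODE is the low 4 flag bits
        return False, "bad rcode"
    # Walk the labels of the first question name up to the zero terminator.
    pos = HEADER_LEN
    while True:
        if pos >= len(payload):
            return False, "truncated name"
        length = payload[pos]
        pos += 1
        if length == 0:
            break
        if length > MAX_LABEL:                  # also rejects 0xC0 pointers
            return False, "label too long"
        pos += length
    if pos + 4 > len(payload):                  # QTYPE and QCLASS must follow
        return False, "truncated question"
    _qtype, qclass = struct.unpack("!2H", payload[pos:pos + 4])
    if qclass not in VALID_QCLASSES:
        return False, "bad qclass"
    return True, "ok"


def build_query(name, rcode=0, qclass=1):
    """Constructed sample: one-question message; labels are not length-checked."""
    header = struct.pack("!6H", 0x1234, 0x0100 | rcode, 1, 0, 0, 0)
    labels = name.split(b".")
    qname = b"".join(bytes([len(l) & 0xFF]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!2H", 1, qclass)
```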
Captive Portal Troubleshooting
The following table explains the status values for CP authentication sessions
and the resulting actions taken, if any. CP global status, interface status, and
session status are available in the user interfaces.
Table 9-13. Captive Portal Status Values
Status Value  Description                       Browser Action
Default       Initial request from the client.  Used to detect initial request.
Serve         Default serve.                    Used when serving the initial
                                                connection page.
Validate      Actual validation request.        Indicates that the user has
                                                submitted credentials and
                                                requests authentication.
WIP           Indicates that validation is in   The validation page begins to
              progress.                         poll the server until the status
                                                flag changes. The actual poll
                                                request is the same http(s)
                                                request used to “validate” as
                                                described above. While waiting
                                                between polls, the browser
                                                displays an “authorization in
                                                process” message.