Changing User Splash Page Frequency with API

jvilomar
Here to help

Changing User Splash Page Frequency with API

Hi, 

 

We have a captive portal, that basically allows the client to connect and navigate for 10 minutes, that is in order to allow him to validate and email acount provided in a form.

 

So when the user validate the email, I wan to override the duration time and let the navigation time goes to the default Splash Page Frequency setting, I capture the Client MacAddress, but, I don't know how to access the frequency setting using the API and I can't see how I can capture the network id  in wich the client is trying to connect.

 

So basically:  

 

There is a way that I can retrieve the network id  for any given user?

There is a way that I can change the user duration to the default splash page frequency?

12 REPLIES 12
PhilipDAth
Kind of a big deal
Kind of a big deal

What happens if you just resubmit the GET request with a new "duration" parameter?

 

Basically repeating step 4 here with a new duration?

http://na61.salesforce.com/_ui/selfservice/pkb/PublicKnowledgeSolution/d?orgId=00D600000006uBw&id=50...

Hi, Thanks for your reply.

 

After the user get the redirect from the AP, I can't control where he goes or where he validated the email inmediatle, so I don't know how to re send the info of the base_grant_url, continue_url and so on.

 

I mean, after the redirect, we lost track of the user. There are to sepparate process, One for the login where the captive portal send an email to be validated, but the user is allowed to navigate for ten minutes.  And the other is the validation process itself, when the user navigate to the mail page and proceed to validate a link, and there is when I need to change the Frequency.

PhilipDAth
Kind of a big deal
Kind of a big deal

I know Splash Access let you do this kind of thing, so there must be a way.

 

I wonder if we can get @HodyCrouch  to give some insight.

I'm wondering if this might have to be done via RADIUS and a COA (change of authorisation).

Thanks Phill,

 

We don´t user RADIUS at all, we are working with click - trough, because we need to gather some info, like name, gender and so on.

 

It´s a little tricky, does it?

 

But anyway, I really appreciate your help.

To use CoA it looks like you would have to enable MAC based authentication as well (for your use case).

https://documentation.meraki.com/MR/Encryption_and_Authentication/Change_of_Authorization_with_RADIU...

HodyCrouch
Building a reputation

A quick and dirty approach is to create a Group Policy that does not require a splash page.  After the user signs in, you can use the Dashboard API to apply that group policy to their device.  At some future point, you can remove the group policy from their device, which will cause the splash page to appear again.

 

As Philip suggests, you can get more control using Sign-On splash with RADIUS, interim updates, and CoA disconnects.  See

https://documentation.meraki.com/MR/Splash_Page/Interim_Updates_for_Splash_Sign-on

 

Hosting your own RADIUS server gives you a lot more control.

We have hundreds of thousands of customers, since is a huge project of free internet, but we need to capture some info, then this represent another bump.  Basically we are in a cross road.  

HodyCrouch
Building a reputation

You probably already considered this, but I wanted to make sure.

 

In most environments I set up that require some type of sign-in through a splash page, we configure a walled garden.  This allows the device to navigate around the splash page, view T&Cs, and sometimes access promotional content prior to completing the sign-in/splash process.

 

You then set up the splash interval to something that you would expect.  Sometimes hours, sometimes days, sometimes longer.  Depends on the goals and the customer.

Correct! Actually that is how it is working right now, but the customer need to fill some info on the splash page, and then we allow him to navigate for 10 minutes, in order to validate the email, if didn´t validate then the session will timeout and the splash will be shown again.

 

That is when things go a little bumpy, because we need to change the interval, to the default wich is a day, after the user validate the email, wich is a link.

 

I´m really sad for taking a lot of time of both of you and I know that maybe you are really bussy.  Really Thanks.

MichelRueger
Building a reputation

Hi HodyCrouch,

 

We have the same problem.

We want to give a User with registered true the Splash page for 1 Year acces without going again true the Splash page. But the maximum amount of 90 Day for Splash frequency makes this inpossible. so we want to youse the Whitelisted group Policy to do so but only for a certain SSID. You can do it true the Dashboard but not true the API.

 

If you have only 1 SSID the group Policy "Withelisted" or your personal group Policy with the option Splash bypass is enabled will work.

 

 

HodyCrouch
Building a reputation

The Dashboard API does not currently allow you to set different policies by SSID for a client (according to the documentation).

 

For a possible workaround, take a look at this thread.  I haven't tried this approach myself.  You would have to figure out what value corresponds to your group policy.

 

https://community.meraki.com/t5/Wireless-LAN/API-Block-a-device-from-an-SSID/m-p/37958#M5965

Get notified when there are additional replies to this discussion.