Do I need to keep controller running when using portal authentication?

User Application Requirement
Updated 12-26-2019 01:47:52 AM 69560
This Article Applies to: 

Available portal authentication methods in EAP/Omada Controller include No Authentication, Simple Password, Local User, Voucher, SMS, Facebook, External Radius Server and External Portal Server. If you are not familiar with the configuration please refer to FAQ 896

After the configuration, you may raise the question whether you should keep the EAP/Omada controller running. The simple answer is yes. To make the most use of portal authentication; you should keep it running.

The table below lists the behaviors of each authentication type when controller is online and offline.

Authentication Type

Controller Online

Controller Offline

No Authentication

  • Portal page provided by EAP/Omada Controller
  • Authenticated by EAP/Omada Controller
  • Portal page provided by EAP
  • Authenticated by EAP

Simple Password

  • Portal page provided by EAP/Omada Controller
  • Authenticated by EAP/Omada Controller
  • Portal page provided by EAP
  • Authenticated by EAP

Voucher

  • Portal page provided by EAP/Omada Controller
  • Authenticated by EAP/Omada Controller
  • No longer provide authentication, newly connected clients can’t 

pass the authentication

  • Authenticated clients keep the previous authentication status and can go to the Internet

Local User

  • Portal page provided by EAP/Omada Controller
  • Authenticated by EAP/Omada Controller
  • No longer provide authentication, newly connected clients can’t 

pass the authentication

  • Authenticated Clients keep the previous authentication states

SMS

  • Portal page provided by EAP/Omada Controller
  • Authenticated by EAP/Omada Controller
  • No longer provide authentication, newly connected clients can’t 

pass the authentication

  • Authenticated Clients keep the previous authentication states

Facebook

  • Portal page provided by EAP/Omada Controller
  • Authenticated by EAP/Omada Controller
  • No longer provide authentication, newly connected clients can’t 

pass the authentication

  • Authenticated Clients keep the previous authentication states

External Radius Server

  • Portal page provided by EAP/Omada controller or external web portal
  • Authenticated by radius server
  • Portal page provided by EAP or external web portal
  • Authenticated by radius server

External Portal Server

Portal page and authentication both provided by portal server

  • No longer provide authentication, newly connected clients can’t 

pass the authentication

  • Authenticated Clients keep the previous authentication states
 

Summary:

  1. For Voucher, Local User, SMS, Facebook and External Portal Server authentication the controller should stay running since all client keep the previous authenticated states or it would no longer provide authentication. Clients who have passed the authentication before the Controller is down can access the Internet while the rest client devices have no means to finish the authentication and cannot access the internet.
  2. For other authentication types, it works to some extent when EAP/Omada controller is offline. But the clients will not be able to see the customized logo and background image. When client moves from one EAP to another, the portal page will pop out again even the authentication do not “time out”. So, to make the best use of portal authentication, please keep the controller running.

Note: The mechanism of portal has been changed, when EAP is disconnected from the Omada Controller, clients cannot authenticate successfully. (This change only takes effect on the firmware which are released after July 2019. )

Is this faq useful?

Your feedback helps improve this site.