Source code template for External Web Portal (Business Router)

User Application Requirement
Updated 03-15-2021 09:08:21 AM 47881
This Article Applies to: 

Suitable for Authentication with external web portal on TP-Link Business Routers. If you are using the Omada Controller, please refer to FAQ2912.          

 

Note: The keywords in Bold Italics indicate parameters that are automatically filled by the router and forwarded to the Web Portal Server.

EXTERNAL_WEB_SERVER: The IP address or Domain name (and port if necessary) of the External Web Portal Server.

GATEWAY_IP_ADD: The LAN IP address of the router.

GATEWAY_PORT: A random port by the router.

INTERFACE: The network interface of the router.

AUTH_PORT: The Portal Authentication Port.

CLIENT_IP_ADD: The IP address of the client.

CLIENT_MAC_ADD: The MAC address of the client, the format is like: AA:BB:CC:DD:EE:FF.

REDIRECT_URL: If you do not set the redirect URL after clients passing the authentication, the default redirect URL depends on the wireless clients.

 

This document outlines the requirements when establishing an external web portal server. Please note that External Web Portal can only be used when the authentication page is External Links.

The below picture depicts the workflow among the client, Gateway (SMB Router), External Web Portal, and the local authentication server. It will help you better understand the requirements of establishing an External Web Portal server.

 

1. When the clients are connected to the network and try to access the Internet, the Gateway will intercept their HTTP(S) GET requests and reply with Code 302 to redirect (Step 1 and Step 2).

3. Client sends HTTP GET request to the External Web Server with the below parameters (Step 3 and Step 4).

 ”http(s)://EXTERNAL_WEB_SERVER/?gw_address=GATEWAY_IP_ADD&gw_port=GATEWAY_PORT&gw_id=INTERFACE&ip=CLIENT_IP_ADD&mac=CLIENT_MAC_ADD&url= REDIRECT_URL”.

For example, “http://192.168.0.200:8080/?gw_address=192.168.0.1&gw_port=2060&gw_id=br-lan&ip=192.168.0.101&mac=94:DE:80:57:01:95&url=http://www.tp-link.com” (Step 3).

4. Client sends HTTP GET requests with the username and password to the router (Step 5).

“http://GATEWAY_IP_ADD:AUTH_PORT/ wifidog/logincheck/?user=USERNAME&pwd=PASSWORD&Submit=submit&gw_address=GATEWAY_IP_ADD&gw_port= GATEWAY_PORT &gw_id=INTERFACE&ip=CLIENT_IP_ADD&mac=CLIENT_MAC_ADD&url=REDIRECT_URL&authtype=web”.

For example, http://192.168.0.1:8080/wifidog/logincheck/?user=tplink&pwd=tplink&Submit=submit&gw_address=192.168.0.1&gw_port=2060&gw_id=br-lan&ip=192.168.0.101&mac=94:DE:80:57:01:95&url=http://www.tp-link.com&authtype=web

6. Gateway communicates with the radius server (local authentication or external radius server) to verify the username and password (Step 6 and Step 7).

7. If the authentication is passed, i.e., Access-Accept is received from the radius server, the Gateway will redirect the “Success Redirect URL” or “REDIRECT_URL” decided by the clients.

 

Here is a simple demo for you to develop your External Web Portal working with SMB Routers. Download it.

 

Is this faq useful?

Your feedback helps improve this site.