# Captive Portal

A captive portal can intercept network traffic until a user authenticates his/her connection, usually through a specifically designated login page.

Click **Configure** > **SSID > Captive Portal** to access this screen.

![](/files/XOKdWi5OZzOo7uKoFJst)

## Authentication Type

* **Click-through**: Users must view and acknowledge your splash page before being allowed on the network.
* **EnGenius Authentication**: Users must enter a username and password before being allowed on the network. You could edit user settings through **Configure** > **Cloud RADIUS User**.
* **Custom RADIUS**: Enter the **host** (IP address of your RADIUS server, reachable from the access points), **port** (UDP port the RADIUS server listens on for access requests, 1812 by default), and **secret** (RADIUS client shared secret). Optionally,  the **Accounting Server** can be enabled on an SSID that's using WPA2-Enterprise with RADIUS authentication.&#x20;
* **Voucher Service**: Edit the access plan for guests for the front desk manager.
* **Google LDAP:**  [**https://doc.engenius.ai/cloud-white-papers/authentication-with-google-secure-ldap-server**](https://doc.engenius.ai/cloud-white-papers/authentication-with-google-secure-ldap-server)
* **Active directory:** [**https://doc.engenius.ai/cloud-white-papers/authentication-with-microsoft-active-directory-ad-server-for-wireless-users**](https://doc.engenius.ai/cloud-white-papers/authentication-with-microsoft-active-directory-ad-server-for-wireless-users)

{% hint style="info" %}
**Note:**\
When the SSID security type is set to **WPA2-Enterprise** or **WPA3-Enterprise**, **only** the **Click-through** authentication type is supported for Captive Portal.
{% endhint %}

## Redirect URL&#x20;

Configure the URL to which users will be redirected after successful login.

![](/files/-LmcwgJ-6JD8Tb1DAH__)

**Redirect to the original URL**: Select this option to cache the initial website from the client during the authentication process and then forward it to the originally targeted web server after the user successfully authenticates.

**Redirect users to a new URL**: Select this option to redirect users to a pre-designated URL after the user successfully authenticates.

## Advanced Setting

![](/files/-MiL9GURCj9TnmUk1z1N)

**Session Timeout**: Specify a time limit after which users will be disconnected and required to log in again.

**Idle Timeout**: Specify a time limit for an idle client after which users will be disconnected and required to log in again.

**Walled Garden**: This option allows users to define network destinations that users can access before authenticating. For example, your company's website.

**HTTPS Login:** This option allows users to log in through HTTPS. When you enable it, your password is encrypted, so others could not retrieve your information.&#x20;

&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://doc.engenius.ai/home-cloud-user-manual/configuring-networks/configuring-access-points/configuring-ssids/configuring-captive-portal.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.