1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Network Router
  5. OL-4387-02
  6. Configuration manual

Initial Captivation - Cisco OL-4387-02 Configuration Manual

Router service selection gateway configuration guide
Hide thumbs
Table of Contents

Advertisement

Chapter 10
SSG TCP Redirect
Figure 10-1 Restricting Access to Networks within Authorized Services
The following describes the behavior of redirection for unauthorized services:

Initial Captivation

Initial captivation redirects certain packets from users for a specific period of time. After a user logs on,
packets to certain TCP ports are redirected to a server for advertisements and branding. SSG captivates
the user by redirecting all user packets to those TCP ports regardless of the destination address.
Captivation is active for a specified duration, starting from the first redirected session.
If you configure initial captivation globally by using the CLI, captivation applies to all authenticated
users. You can also enable initial captivation in the RADIUS user profile as an Account-Info attribute to
override the CLI setting.
The user profile contains the following information for initial captivation:
OL-4387-02
If a packet arrives from an unauthorized SSG user or it is destined to an unauthorized service,
SSG redirects the packet if the packet matches the protocol and ports configured as the redirection
filter. If the packet does not match the filter, SSG drops the packet.
If a packet arrives from an unauthorized service or is destined to an unauthorized SSG user,
SSG drops the packet.
If a user's connection is subject to redirection or captivation, SSG redirects to SESM any packets
from the connection that match the protocol and ports for redirection and captivation.
If packets from the connection do not match the protocol and ports configured as a filter, SSG drops
the packets.
Server group name
Use the CLI to configure the server group and associate a port or port list to the server group.
Note
Duration of captivation
Service name (optional)
Note
If you specify the optional service name, captivation activates only when logon to that
service occurs.
ServiceA
10.0.0.0/8
IPTVService 10.1.1.1/32
Cisco 10000 Series Router Service Selection Gateway Configuration Guide
10-3

Advertisement

Table of Contents
loading

Related Manuals for Cisco OL-4387-02

Related Content for Cisco OL-4387-02

This manual is also suitable for:

10000 series

Table of Contents