UniFi Guest Networks vs. Guest Portal vs. Hotspot System
Guest Users (i.e., Clients on Guest networks) face access restrictions, different from trusted, “Corporate” Users on default UniFi networks. Guest Networks therefore can exist, independently of the Guest Portal and Hotspot System, which are built-in tools for Guest Authentication, Authorization & Accounting. In other words—the Guest Portal is often/optionally applied to the Guest Network (for authentication), while the Guest Network is always enabled for users authenticating via the Guest Portal.
The Guest Portal is enabled under the Guest Control tab inside Controller Settings, the Guest Portal adds an additional step for authentication of Guest Users attempting to access the Network, including a series of different Policies for Guest Network Authentication.
Guest Portal Details
After establishing physical connectivity to the UniFi Switch, if wired, or UniFi Access Point, if wireless, the Guest Device then proceeds to retrieve an IP Address via DHCP to begin communicating on the network. Until the Guest Device is authenticated by the Controller to access the Network, UniFi Devices will, by default, redirect all Guest traffic to the UniFi Controller. At which point, the UniFi Controller serves the Guest Portal to the Guest Device, by means of a splash page, or landing page, with the following options for authentication:
- With Open Authentication selected, the Guest need only accept a Terms & Conditions Page to begin using the network.
- With Simple Password selected, the Controller requires that the Guest provide a password in order to begin using the network. This is a Layer-7 equivalent of requiring a Passkey to associate with a WLAN, and inherently more useful since the UniFi Controller tracks Guest authentication, under the Insights tab, as well as the Hotspot System.
- With Hotspot selected, UniFi supports Voucher & Payment-based authentication methods. While voucher creation is managed by the Hotspot System, UniFi also supports APIs to integrate the most popular Payment Merchants for each region.
- Finally, The External Portal option allows Admins to integrate their own Guest Portal into the UniFi system.
After successfully authenticating via the designated Authentication method, the Guest is free to send traffic, by default, to the Internet, during a user-defined period of time. Once the period of use for Guest Use expires, all Guest Traffic is once again, re-directed to the UniFi Controller, pending re-authentication, via, the desired authentication method.
|Overview of how Guest users can authenticate via the UniFi Guest Portal server (optionally enabled in the UniFi Controller).|
Guest Portal Customization
UniFi offers two ways for full customization of the Guest Portal, whether via JavaServer Pages developed by, say, a programmer, or, the AngularJS engine, which anyone can use. The AngularJS engine is a powerful, built-in tool that makes customization easy, and straightforward, through instant, graphic previews.
|UniFi’s built-in AngularJS engine makes Guest Portal customization fast & easy.|
UniFi Hotspot System
Intended as a separate Guest management platform, the UniFi Hotspot System comes freely integrated in the UniFi Controller software. UniFi Controller Admins and Hotspot Operators can access the Hotspot System via a link under Guest Control, which performs a URL redirects to another area of the UniFi Controller called /hotspot.
Built separately from the UniFi Controller management system (i.e., Device configuration/adoption sections), trusted employees (e.g., hotel receptionists) can be granted limited-access Hotspot accounts to perform actions on Guest users, including:
- Print vouchers,
- Manage guest authorization,
- Review payments,
- Check guest authentication, and more.
|Preview of UniFi Hotspot System where Operators can quickly create, customize & revoke vouchers for Internet access.|