Configuring a Hotspot
In the Device > Hotspot page, if a network interface was defined for hotspot, you can configure:
-
Guest access - A session is created for an IP address when a user accepts terms or authenticates in the Hotspot portal. The session expires after the configured timeout (240 minutes by default).
-
Hotspot portal - Customize the portal's appearance.
-
Hotspot exceptions - Define specified IP addresses, IP ranges or networks to exclude from the Hotspot.
If no network interface was defined for the Hotspot, click Configure in Local Network.
In the Access section of the page, you can configure if authentication is required and allow access to all users or to a specified user group (Active Directory, RADIUS or local).
Hotspot is automatically activated in the system.
To turn off Hotspot:
-
Go to Device > Advanced Settings.
-
Search for Hotspot and double-click the entry.
-
Select Disabled.
-
Click Apply.
To configure Hotspot for an interface:
-
Click Configure in Local Network.
The Local Network window opens.
-
Select interface and click Edit.
The Edit <interface> window opens.
-
Select Use Hotspot.
-
Click Apply.
Any user that browses from configured interfaces is redirected to the Check Point Hotspot portal.
To configure Hotspot exceptions:
-
Click Manage Exceptions.
The Manage Hotspot Network Objects Exceptions window opens.
-
Select the objects to add as exceptions.
The Selected Network Objects window shows the selected objects. To remove an object from the list, click the x next to it.
-
To filter the object list, enter the filter value. The list shows the objects that match the filter.
-
If necessary, click New to add new objects to the list. For information on how to create a new object, see the Users &Objects > Network Objects page.
-
Click Apply.
The added objects are excluded from the Hotspot.
To require user authentication:
-
Select the Require Authentication checkbox.
-
You can allow access to All users or to a Specific user group.
-
If you selected Specific user group, enter the group's name in the text box.
-
Click Apply.
Any user/user group that browses from configured interfaces is redirected to the Check Point Hotspot portal and must enter authentication credentials.
To configure the session timeout:
-
In Session timeout, enter the number of minutes that defines how long a user stays logged in to the session before it is ends.
-
Click Apply.
To customize the portal appearance:
-
Click Customize Hotspot portal.
-
For Portal title - Keep the default or enter a different title.
-
For Portal message - Keep the default or enter a different message.
-
For Terms of use - Select this checkbox to add an "I agree with the following terms and conditions" checkbox on the Hotspot portal page. Enter the terms and conditions text in the text box. When users click the "terms and conditions" link, this text shows.
-
To customize a logo for all portals shown by the appliance (Hotspot and captive portal used by User Awareness), click Upload, browse to the logo file and click Apply. If necessary, click Use Default to revert to the default logo.
-
Click Apply.
To prevent simultaneous login to the Hotspot portal:
-
Go to Device > Advanced Settings.
-
Select Hotspot.
-
Click Edit.
The Hotspot window opens.
-
Click the checkbox for Prevent simultaneous login.
-
Click Apply.
The same user cannot log in to the Hotspot portal from more than one computer at a time.
On the Active Devices page (available through the Home and Logs & Monitoring tabs), you can revoke Hotspot access for connected users.