Use Case
There will be situations where an organization has a device that they want to bypass the captive portal and authenticate automatically. This article will show the process of how this is done with a Zscaler integration. **IF MULTIPLE SUBNETS NEED TO BE BYPASSED THEY MUST EACH HAVE THEIR OWN VIRTUAL LOCATION ASSIGNED**
Prerequisites
- Access to Cloudi-Fi admin console
- Access to Zscaler admin console
- Knowledge of IP address scheme you would like to bypass, and how to statically assign on local DHCP Server
1. Log into admin console
Log into the Cloudi-Fi admin console and navigate to the locations section.
2. Create bypass virtual location
When we add a location for Bypass traffic, a secondary location will automatically be provisioned to allow for all other authenticated traffic.
We will be creating a virtual location with the original location set as the parent location, the subnet to the bypass, and the country.
When you are done creating the bypass virtual location you will have:
- Original Location
- Virtual Location for Bypass
- Virtual Location titled other
Allow time for Zscaler and Cloudi-Fi to Sync.
3. Open Location Management
Log into Zscaler and Navigate to Administrator - Location Management
4. Find Location
Search for your main location and then click on the number under the sub-location column.
5. Edit Sub-location
Click on the pencil icon next to the Bypass sub-location.
6. Remove Authentication Requirement
Scroll to the bottom and disable "Enforce Authentication".
7. Activate
After hitting save, click on the Activate button on the left side.
What’s Next?
Congratulations on creating your captive portal bypass using the Zscaler Integration. For any issues with location provisioning or syncing please reach out to Cloudi-Fi Support.