Netgear WC7600v2 – ProSAFE Wireless Controller User Manual

If the network authentication uses an external RADIUS server, you 
cannot configure captive portal authentication. That is, if you configure 
an external RADIUS server with WPA, WPA2, or WPA & WPA2 (or if 
you use legacy 802.1X), you cannot configure captive portal 
authentication; the network authentication must be Open System, 
Shared Key, WPA-PSK, WPA2-PSK, or WPA-PSK & WPA2-PSK (see 

Note these guidelines for captive portal user authentication and accounting through an 
external RADIUS server:

You can use either the basic-Auth RADIUS server or a RADIUS server of an advanced 
authentication group. You cannot use the external LDAP server.

The wireless controller uses CHAP or MS-CHAP as the authentication protocol with the 
authentication server.

The following RADIUS authentication variables are supported on the wireless controller:

User-Name 

User-Password

WISPr-Session-Terminate-Time

Session-Timeout

If you change the values for any of these variables before the WiFi client disassociates 
from the access point, the new values are not updated on the wireless controller.

A managed access point can send accounting information to the external RADIUS server 

because the wireless controller functions as a proxy RADIUS client for the managed 
access point. The following RADIUS accounting variables are supported on the wireless 
controller:

Acct-Input-Octets

Acct-Output-Octets

Acct-Input-Gigawords

Acct-Input-Gigawords

You can configure a basic guest portal or captive portal with a local or external authentication 
server.

You would typically use the basic portal in the profiles of a basic profile group of a small-scale 
network. However, you can assign the basic portal to any profile, whether in the basic profile 
group or in an advanced profile group.