Unregistered View configurations - Adaptive Applications - BlueCat Gateway - 3.0.0

Device Registration Portal

prodname
BlueCat Gateway
version_custom
3.0.0

Using DNS Views, Unregistered clients are restricted so that all traffic is redirected to the DRP portal. This forces unknown clients to register before being granted access to external resources as a Guest client, or full network access as a Registered client.

Note: When creating an Unregistered View, select the Enable DNS Redirection for Device Registration Portal option and enter the IP address of the DRP server in Device Registration Portal IPv4 Address.
The following tables describe the required configurations required for an Unregistered View:
  • Internal root zone—Enable the internal root zone to be deployable to ensure that the wildcard * root enabling client redirection will be deployed.
    Configuration Description/Value
    Internal Root Zone Select the Deployable checkbox.

  • DNS zone—Create a DNS zone for each label in the DNS/DHCP Server's DNS hostname.
    Configuration Description/Value
    DNS zone Create a zone for the last two labels in the DNS/DHCP Server's DNS hostname. If the server is configured with a Primary or Secondary deployment role at the View level, you need to create a DNS zone for each label in the DNS/DHCP Server's DNS hostname. For example, if you have a DNS/DHCP Server with a Primary DNS deployment role at the View level, and the server's hostname is ns1.example.com, you need to create com and example.com zones and set the zones as Deployable.

  • Host record—Create a host record for the zones you have created in the Unregistered View.
    Configuration Description/Value
    Zones for each label in the DNS/ DHCP Server's DNS hostname. For example:
    • top level zone - com
    • sub level zone - example.com
    Add a wildcard * host record in the top and sub level zones with the IP address of the DRP server.
    • *.com
    • *.example.com

  • DNS options—Add the following DNS options to define the deployment of the necessary DNS service.
    Configuration Description/Value
    Match Clients Add the Match Clients option with the value indicating Unregistered DHCP range at the View level to direct unknown devices to an IP address range defined in the Unregistered DHCP ranges.
    CAUTION:
    When changing the Unregistered DHCP range, you must update the Match Clients option that you added at the View level with the changed DHCP range information.
    Note: If you want to run your DRP in Verification mode, you must add none in the IP Address or ACL name field.
    Allow Query Add the Allow Query option with the DHCP IP Range. This is only required if your DNS/DHCP Server and the DHCP range are NOT in the same IP subnet.

  • DNS deployment roles—Assign DNS roles to zones and View level for DNS deployment to occur.
    Configuration Description/Value
    DNS deployment role to the Unregistered View Add the Primary DNS deployment role to the Unregistered View.