Comodo Dome Firewall

• Introduction To Comodo Dome Firewall - Virtual Appliance
  • Install Dome Firewall And Login To The Administrative Console
• The Main Interface
• The Dashboard
• View And Modify System Status And General Configuration
  • Manage Admin Accounts
    • Add And Manage Administrators
    • Manage Administrative Roles
  • License Activation
  • SNMP Settings
  • Central Management
  • Configure SSH Access
  • High Availability
  • View And Update Firmware Version
  • Create And Schedule Backup Of DFW State
    • Manually Create A Backup
    • Schedule Backup Operations
    • Encrypt Backup Archives
    • Export A Backup
    • Import A Backup Archive From A Local Computer
    • Roll Back The Virtual Appliance To A Previous Time Point
    • Reset The Virtual Appliance To Factory Defaults
  • Shutdown Or Restart The Dome Firewall Virtual Appliance
• View DFW Virtual Appliance Status
  • System Status
  • Network Status
  • System Usage Summaries
  • Network Traffic
  • Network Connections
  • SSLVPN Connections
• Network Configuration
  • Configure Interface Devices, Uplinks And VLANs
    • Configure Interface Devices
    • Add And Manage Gateway Uplink Devices
    • Create VLANs
  • Routes
    • Add And Manage Static Routes
    • Add And Manage Policy Routing Rules
• Configure DFW Virtual Appliance Services And Protection Settings
  • DHCP Server
  • Advanced Threat Protection
    • Manage The ATP Profiles
    • Comodo Antivirus
  • Time Server
  • Intrusion Prevention
    • Configure Intrusion Prevention System
    • Manage IPS Rulesets
    • Manage Application Identification Rulesets
  • Configure Wireless Hotspot
    • Configure Captive Portal Service
    • Customize The Login Page
    • Add And Manage Permanent Users
  • Internet Content Adaptation Protocol
  • Quality Of Service
• Manage Firewall Configuration
  • Firewall Objects
    • Manage Firewall Address Objects
    • Manage Firewall Object Groups
    • Manage Firewall Schedules
    • Active Directory Integration
  • Destination Network Address Translation
  • Source Network Address Translation
  • Configure System Access
  • Configure Firewall Policy Rules
    • Manage Firewall Policy Rules
    • Manage VPN Firewall Rules
• Configure Proxy Services
  • HTTP/HTTPS Proxy Server
    • Configure URL And Content Filtering
    • HTTPS Proxy
• Configure Virtual Private Network Settings
  • SSL VPN Server
    • Configure General SSL VPN Server Settings
    • Manage SSL VPN Client Accounts
    • Configure Advanced SSL VPN Server Settings
    • Configure Clients To Connect To Dome Firewall
  • IPsec Configuration
  • Configure L2TP Server
  • Configure IPSec/L2TP Users
• View Logs
  • Realtime Logs
  • Configure Log Settings
  • Generate Reports
• Appendix - Minimum Requirements For Software Installations

Configure Captive Portal Service

The configuration area lets you enable/disable the captive portal service and choose the method of authenticating end-users.

Authentication Options:

• Authentication with Turkish Identification Number – The end-users that attempt to connect to the hotspot need to enter their 11 digit Turkish Identification Number. The user will be authenticated upon validation of the number.
  

• SMS Authentication – Dome Firewall sends an one-time-password (OTP) as authentication token to the user's SMS enabled mobile device. The end-user needs to enter the token in the login screen displayed at the time of login attempt to connect to the hotspot.
  

• When an user attempts to connect o the hotspot, the login screen will be displayed requesting the user to enter the phone number.

• On receiving the phone number, Dome Firewall sends a random generated OTP to the device through SMS. The user needs to enter the OTP in the next screen to authenticate him/herself.
  
  

To configure the Captive Portal Service

• Open the Configuration interface by clicking Services > Hotspot from the left hand side navigation and selecting the 'Configuration' tab.

• Enable Captive Portal Service – Use the toggle switch to enable or disable the captive portal service for the Wi-Fi hotspot

Captive Portal Options

• Enable Authentication with Turkish Identification Number – Enables the end-users to authenticate themselves by entering their Turkish Identification Number.

• Enable SMS Authentication - Enables the end-users to authenticate themselves by entering the the OTP sent to their mobile devices.

On selecting the SMS authentication, you need to configure the following options:

• Request type – Choose the HTTP Request Type of the API from the SMS service provider from the drop-down. The options available are GET and POST.

• Request URL – Enter the SMS Send Request URL obtained from the service provider in the 'SMS Send HTTP Request' text field. The URL should contain $$NUMBER$$ for the phone number variable and $$MESSAGES$$ variable for the OTP to be sent.

Example: http://smsprovider.com/number=$$NUMBER$$&message=$$MESSAGES$$

Session Time Option

• Session Time – Enter the maximum period (in hours) for which a single Wi-Fi connection session is allowed for a user. The user will be automatically logged out on lapse of the period. To continue, the user needs to re-authenticate and login to the hotspot.

• Click 'Save' for your settings to take effect.