Client Portal VPN

One of our routers Cyberroam as an example…
They allow us to have a captive portal that will create a download of a program and provide a download of a configuration file for a IPsec VPN between a client machine and my network. And uses Active Directory/Radius Server as the authentication server.

This would be a great function to have to allow the end user to have a program they download from the peplink routers captive portal that would configure the end users machine for vpn access to my network. Matching domain credientials. Also to have the end users login to the portal site with their domain credentials.

FYI this would be great if it could also talk with active directory, this would allow for more grandular control by adding users to group and allowing those groups to detirming if the VPN Access is granted. Also it would allow me to give specific access to the router, such as read only access. Also hopefully if this is possible in the future to select what parts of the peplink router I want visible based on the active directory group the end user is selected on.

It would be great it the portal vpn could also accomidate a vpn tunnel that is encapsulated on port 80 instead of pptp or l2pt. This would help resolve some vpn problems in places like hotels.

Please ensure the Captive portal allows for the ability to have a user log into the portal via a radius server.
Once login is verified, have a utility that will create a vpn connection over port 80 between the end user and a specific network or network set.