Do I need to keep controller running when using portal authentication?

Available portal authentication methods in EAP/Omada Controller include No Authentication, Simple Password, Local User, Voucher, SMS, Facebook, External Radius Server and External Portal Server. If you are not familiar with the configuration please refer to FAQ 896.

After the configuration, you may raise the question whether you should keep the EAP/Omada controller running. The simple answer is yes. To make the most use of portal authentication; you should keep it running.

The table below lists the behaviors of each authentication type when controller is online and offline.

Authentication Type	Controller Online	Controller Offline
*No Authentication*	Portal page provided by EAP/Omada Controller Authenticated by EAP/Omada Controller	Portal page provided by EAP Authenticated by EAP
*Simple Password*	Portal page provided by EAP/Omada Controller Authenticated by EAP/Omada Controller	Portal page provided by EAP Authenticated by EAP
*Voucher*	Portal page provided by EAP/Omada Controller Authenticated by EAP/Omada Controller	No longer provide authentication, newly connected clients can’t pass the authentication Authenticated clients keep the previous authentication status and can go to the Internet
*Local User*	Portal page provided by EAP/Omada Controller Authenticated by EAP/Omada Controller	No longer provide authentication, newly connected clients can’t pass the authentication Authenticated Clients keep the previous authentication states
*SMS*	Portal page provided by EAP/Omada Controller Authenticated by EAP/Omada Controller	No longer provide authentication, newly connected clients can’t pass the authentication Authenticated Clients keep the previous authentication states
*Facebook*	Portal page provided by EAP/Omada Controller Authenticated by EAP/Omada Controller	No longer provide authentication, newly connected clients can’t pass the authentication Authenticated Clients keep the previous authentication states
*External Radius Server*	Portal page provided by EAP/Omada controller or external web portal Authenticated by radius server	Portal page provided by EAP or external web portal Authenticated by radius server
*External Portal Server*	Portal page and authentication both provided by portal server	No longer provide authentication, newly connected clients can’t pass the authentication Authenticated Clients keep the previous authentication states

Summary:

For Voucher, Local User, SMS, Facebook and External Portal Server authentication the controller should stay running since all client keep the previous authenticated states or it would no longer provide authentication. Clients who have passed the authentication before the Controller is down can access the Internet while the rest client devices have no means to finish the authentication and cannot access the internet.
For other authentication types, it works to some extent when EAP/Omada controller is offline. But the clients will not be able to see the customized logo and background image. When client moves from one EAP to another, the portal page will pop out again even the authentication do not “time out”. So, to make the best use of portal authentication, please keep the controller running.

Note: The mechanism of portal has been changed, when EAP is disconnected from the Omada Controller, clients cannot authenticate successfully. (This change only takes effect on the firmware which are released after July 2019. )