Skip to content
The XG Series hardware appliances will reach end-of-life (EOL) on March 31, 2025. Click here to see the XG to XGS migration documentation.

Configure an SMS gateway

You can configure an SMS gateway for guest user authentication.

Warning

The settings on this page are examples from a third-party SMS gateway service provider. We recommend contacting your SMS gateway service provider to ensure you're using the correct settings for your environment.

Add an SMS gateway

  1. Go to Authentication > Guest user settings, scroll to SMS gateway, and click Add.
  2. Enter a name.
  3. Specify the settings.

    Setting Description
    URL

    URL of the SMS gateway for sending an SMS request.

    Example:

    http://www.example.com/sms.aspx?user=joey&pass=joey123&mbno=9792234567&msg=Test

    If you want to use special characters for username and password, you must use the URL-encoded (percent-encoded) format. For example, the URL-encoded format of the @ symbol is %40.

    HTTP method Method for sending an SMS request to the SMS gateway. Select Get to request data from a specified resource. Select Post to submit data to be processed by a specified resource.
    Cell number format Use country code with mobile phone number.
    Number prefix Prefix to be used with the mobile phone number. Can include alpha-numeric and ASCII special characters.
  4. Enter request parameters specified by your service provider.

    Here's an example:

    If http://www.example.com/sms.aspx?user=joey&pass=joey123&mbno=9792234567&msg=Test is the request URL, the request parameters must be as follows:

    Name Value
    user joey
    pass joey123
    mbno {mobileno}
    msg {msg}
  5. Enter the response format specified by your service provider.

    Here's an example:

    If status=302&message=Limit Exceeded is the response received, the response format must be as follows:

    status={0}&message={1}

  6. Enter the response parameter specified by your service provider.

    Here's an example:

    If status={0}&message={1} is the response format, the response parameters must be as follows:

    Parameter index Name
    0 status
    1 message
  7. Click Save.

Click Test connection and type a mobile phone number. If you can connect to the gateway, you will receive an SMS message.

Note

If you're using a private SMS gateway server with an internal IP address, Test connection will fail. You must use a mobile device to test the SMS connection. See Test scenario.

Control password parameters on the firewall

  1. Go to Authentication > Guest user settings > Guest user general settings.
  2. Configure the settings. For more information, see Guest user general settings.

    Guest user general settings.

  3. Click Apply.

Turn on authentication with the newly created SMS gateway

  1. Go to Authentication > Guest user settings > Guest user registration settings.
  2. Select Enable guest users registration.
  3. Configure the registration settings. For more information, see Guest user registration settings

    Guest user registration settings.

  4. Click Apply.

Configure firewall rules

Configure a rule to allow Wi-Fi users access to DNS traffic.

  1. Go to Rules and policies > Firewall Rules.
  2. Click Add firewall rule and select New firewall rule.'
  3. Specify the rule name and position.
  4. Configure the following settings:

    Setting Value
    Action Accept
    Source zones WiFi
    Source networks and devices Any
    Destination zones WAN
    Destination networks Any
    Services DNS
  5. Click Save.

Configure a rule to apply the user-based policy and force unauthenticated users to be redirected to the captive portal.

  1. Go to Rules and policies > Firewall Rules.
  2. Click Add firewall rule and select New firewall rule.
  3. Specify the rule name and position.
  4. Configure the following settings:

    Setting Value
    Action Accept
    Source zones WiFi
    Source networks and devices Any
    Destination zones WAN
    Destination networks Any
    Services Any
  5. Select Match known users.

  6. Select Show captive portal to unknown users.
  7. Click Save.

SMS customization

You can customize the SMS message for your environment. Do as follows:

  1. Go to Administration > Messages.
  2. Click SMS customization to see the SMS message.
  3. Click edit Edit button..
  4. Enter your custom message.

    Note

    If your SMS gateway accepts only messages of a specific template, make sure that the customized message follows the template. If they don’t match, the test connection won’t work, and the SMS server may reject the message.

  5. Click apply apply button..

Test scenario

A user connects to the Wi-Fi network.

  1. The following page is shown.

    Sign in to Wi-Fi Network.

  2. Click Register for internet access.

  3. Enter the requested information.

    Guest User Registration.

  4. Click Save.

  5. If the registration is successful, the sign-in page is shown.

    Guest user registration successful.

  6. The user will receive an SMS message containing the username and password.

    Username and password.

  7. Users can now use the credentials received through SMS to sign in to the Wi-Fi network.

    Sign in to Wi-Fi Network.

  8. After successful login, the following page is shown.

    You are signed in.

  9. The user appears in the Current activities > Live users and Authentication > Guest users sections of Sophos Firewall. Reporting data is also available.

    Live Users.

    Guest Users.

More resources