300-435 Question #79: Real Exam Question with Answer & Explanation

Question

Drag and Drop Question. Drag and drop the steps from the left into the order on the right to create an end-to-end flow for Meraki Splash Screen using EXCAP.

Explanation

This question tests knowledge of the Meraki External Captive Portal (EXCAP) splash screen flow, which offloads guest authentication to a third-party web server instead of Meraki's built-in portal. Understanding the correct sequence is critical for deploying custom splash pages on Meraki wireless networks.

Approach. The correct EXCAP end-to-end flow follows this sequence: (1) The client associates with the SSID and receives a DHCP address but has no internet access yet. (2) The client opens a browser and makes an HTTP request, which Meraki intercepts and redirects to the external splash URL with query parameters appended (base_grant_url, user_continue_url, client_ip, client_mac, node_mac). (3) The external web server presents the custom splash/login page to the user. (4) The user submits credentials or accepts terms, and the external portal POSTs to the base_grant_url (Meraki's grant endpoint) to authorize the client. (5) Meraki grants internet access and redirects the user to the user_continue_url (their original destination). This flow is key because the external server never directly controls the firewall - it only signals Meraki via the grant URL callback.

Concept tested. Meraki EXCAP (External Captive Portal) splash screen authentication flow - specifically the sequence of redirect, parameter passing (base_grant_url, user_continue_url, client_mac, client_ip, node_mac), external portal interaction, and Meraki grant URL callback to authorize client internet access.

Reference. Cisco Meraki Documentation: External Captive Portal (EXCAP) Overview - Meraki Dashboard > Wireless > Access Control > Splash Page > External Captive Portal

No community discussion yet for this question.