LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

In access control, what is the difference between authentication and authorization, and how does a Captive Portal combine them?

Authentication verifies who you are; authorization decides what resources you may access. The Captive Portal setup treats both together under "Authentication."

AuthN gate (portal login) binds identity to IP; AuthZ gate (security rule) allows/denies per group.

* Two gates: authenticate once (who), authorize per request (what). *

These are two separate steps that are frequently combined in practice:

Term Question it answers Example
Authentication Who are you? Logging into the Captive Portal with username + password
Authorization What are you allowed to do? A Security Rule that lets the C-level user reach meteo.ch but blocks the Normalbürger group

The user first authenticates at the Captive Portal (proving identity), which binds their identity to their IP via User-ID. Security Policy Rules then authorize — deciding per user/group what traffic is permitted. This combined flow is called simply "Authentication."

Why keep them conceptually separate? A valid login (authentication) does not automatically grant access to everything (authorization). Mixing them up leads to over-privileged accounts.

Tip: "AuthN = who, AuthZ = what." Authenticate once, authorize on every request.

Go deeper:

From Quiz: INTROL / Firewall Advanced Lab (Lab 6) | Updated: Jul 14, 2026