TP-Link Omada (Legacy)

Compatibility

Social WiFi has been tested and is proven to work on the following configurations:

Omada Cloud-based Controller

• Version 5.6.0 and above (tested up to 5.14)

Tip

You will need a paid Standard plan on the TP Link Omada Cloud-based controller.

As of September 2024, a new Essentials controller plan is available, but lacks the required functionality to setup a Captive Portal.

Omada Software Controller

• Controller V4: unsupported
• Controller V5: versions 5.3.1 and newer (tested up to 5.14)

Tip

If you’re using a version higher than 5.14, please switch to the Omada article.

Access the administration panel

This guide assumes using the web based UI of the controller, which you can access by entering the IP address of the device in your browser. E.g. if the controller is installed on a local machine, enter: http://127.0.0.1:8088. The screenshots are based on controller version 4.4.3.

Alternatively, if your device is managed from Omada Cloud, you can access the management UI from there.

Wireless network configuration

If you don’t have a wireless network configured yet, go to Settings → Wireless Networks and click the Create New Wireless Network button.

Use the following settings:

Network Name (SSID)	e.g. “Social WiFi” (or any name that you want)
Band	2.4GHz and 5GHz (or only one of them, if you prefer)
Guest Network	Enable
Security	None (preferred for guest WiFi)
Apply

RADIUS configuration

Go to Settings → Authentication → RADIUS Profile and click the Create New RADIUS Profile button.

Use the following settings:

Name	socialwifi
Authentication Server IP	35.205.62.147
Authentication Port	31812
Authentication Password	RADIUS Secret is available in Access Points tab of the Social WiFi Panel
RADIUS Accounting	Enable
Interim Update	Enable
Accounting Server IP	35.205.62.147
Accounting Port	31813
Accounting Password:	RADIUS Secret is available in Access Points tab of the Social WiFi Panel
Save

Portal configuration

Go to Settings → Authentication → Portal and click the Create New Portal button.

Use the following settings:

Name	Social WiFi
Portal	Enable
SSID & Network	Social WiFi
Authentication Type	RADIUS Server
Authentication Timeout	8 hours (change it, if you want to kick people sooner or later)
RADIUS Profile	socialwifi
NAS ID	Can be anything, you can leave the default value
Portal Logout:	Not Enabled
Authentication Mode	PAP
Portal Customization	External Web Portal: http://login.socialwifi.com
HTTPS Redirection	Not Enabled (recommended)
Landing Page	The Original URL
Apply

Access Control configuration

Go to Settings → Authentication → Portal and click the Access Control tab at the top. Click Enable next to Pre-Authentication Access. Click the (+) Add button.

Now you’ll need to add the following domains. Change IP Range to URL and for each domain add an entry. You can add more entries by clicking the (+) Add New Pre-Authentication Access Entry button.

Mandatory

login.socialwifi.com
sw-login.com

Facebook remarketing pixel

connect.facebook.net
www.facebook.com

Google remarketing tag

www.googletagmanager.com
www.googleadservices.com
googleads.g.doubleclick.net

YouTube widget on login pages

Not supported, because TP-Link Omada controller does not support wildcards in URLs.

Facebook login

facebook.com
static.xx.fbcdn.net
external-frt3-2.xx.fbcdn.net

X (Twitter) login

twitter.com
api.twitter.com
x.com
api.x.com
pbs.twimg.com
abs-0.twimg.com
abs.twimg.com

LinkedIn login

www.linkedin.com
static-exp1.licdn.com
media-exp1.licdn.com
static.licdn.com

When finished, press Save and then Apply.

Add the access points to Social WiFi panel

The setup of the controller is now finished. The last step is to add all access points to the Social WiFi platform.

Go to Devices in the menu on the left. We need to display the MAC address for each device. In order to do that, click on the three dots icon, just next to the Actions column. Click on the checkbox next to MAC Address. The MAC ADDRESS column will be added. You will need those MAC addresses in the next step.

Now, switch to Social WiFi Panel, go to Access Points tab, click the Add button and paste the MAC addresses of all of your access points controlled by the Omada controller. Click Create.

Test the solution

Connect with the WiFi network. You should see a login page. Go through the login process and, once finished, you should have internet access. You should see first connections and authorizations in the Social WiFi Panel’s statistics section.

Firewall troubleshooting

Symptom: after connecting to the WiFi network, on the last step which is clicking the “Connect to the internet button” you’re not getting connected to the internet.

Solution: it might be the case that you have a firewall that blocks traffic between the WiFi device and the controller. You might either have explicit blocking rules on the firewall, or simply have separate VLANs for the guests and the controller and the traffic between them might be blocked as well. In this case you have to unlock specific ports. For example:

• TCP 8088 (When the clients visit the Portal page via an HTTP connection)
• TCP 8843 (When the clients visit the Portal page via an HTTPS connection)

More details on firewall configuration are available under this link:

https://www.tp-link.com/us/support/faq/3281/